IT security and control firm Sophos is warning computer users to
be on their guard following the discovery of a new large scale
malicious spam campaign posing as an email from courier firm
DHL.
The campaign is the second in the space of a week that
masquerades as DHL, and the messages again claim that the courier
company tried to deliver a parcel from you on the 14th of March,
and that you need to print out the attached invoice (contained
inside dhl_n756512.zip) and bring it to their office.
Computer users that fall for the scam and open dhl_n756512.zip
will not see an invoice, but will actually download a malicious
Trojan horse, known as Troj/Agent-JJP onto their PC giving hackers
remote access. The emails all use the subject line 'DHL Tracking
number' but have a randomly generated reference number.
"These emails are currently arriving so frequently in our spam
traps, they're battering down like hailstones on a tin roof," said
Graham Cluley,
senior technology consultant at Sophos. "Computer users that have
recently used DHL to send a parcel may see nothing wrong in opening
what looks like a legitimate email and may click on the attached
zip file without a second thought. By using big names, the
fraudsters are attempting to trick more unsuspecting victims, and
by changing the filename on each message, they're able to avoid
less sophisticated spam filters. All computer users need to watch
out and be careful about any unsolicited file attachment they
receive, no matter who it claims to come from."
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated solution at their email
and web gateways to defend against viruses and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.