dfwci.com

Computer Service / Network Integration / Performance Tuning

Home » Today’s pathetic phishing SCAM allegedly comes from DHL.

Today’s pathetic phishing SCAM allegedly comes from DHL.

Today’s pathetic phishing SCAM allegedly comes from DHL.

The grammar of this sophomoric phishing SCAM is so incredibly hideous I simply HAD to share it:

Message Subject: DHL delivery report
Message Sender: reports@dhl.com
Alleged Actual Sender: superimposehp74@gmail.com
Spoofed sender: cjdngbsmebvp.yapfq.su
Actual server delivering this dreck: ldlhilzayzugdaz.ozckjclio.ru
(Russian – no big surprise)

Now is where the fun begins – the message body:

================================
(Notice there is no greeting here – your first clue)

DHL notification

Our company’s courier couldn’t make the delivery of parcel.

REASON: Postal code contains an error.
LOCATION OF YOUR PARCEL: New York
DELIVERY STATUS: sort order
SERVICE: One-day Shipping
NUMBER OF YOUR PARCEL: ETBAKPRSU3
FEATURES: No

Label is enclosed to the letter.
Print a label and show it at your post office.
(Really?  DHL delivers your parcel to the Post Office?)

An additional information:

If the parcel isn’t received within 15 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $8.26 for each day of keeping of it.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you for using our services.
DHL Global

 

================================

The pitiful excuse for English grammar and sentence structure in this silly email is absolutely laughable.

The attachment designed to ruin your life and empty your bank accounts is:
LABEL-ID-NY19032013-GFK78.zip

Let’s not go clicking on crap like this, shall we?

Name of author

Name: Wizard

Short Bio: The Computer Wizard (TCW). TCW was founded by Warren P. Harris in 1994 to service and repair computers in the San Francisco Bay Area. Relocating the business to Plano, Texas in 1999, TCW continued to flourish when an unfortunate loss of data for a wedding Mr. Harris photographed, caused him to research data recovery options. Realizing he would have to either pay someone to recover the photos or find out how to do it himself, the rest, as they say "is history". Approached by a friend who was a Private Investigator in 2006, Mr. Harris studied for his Investigator's license and began honing his skills in Computer Forensics. The company was renamed DFW Computer Integration in 2015.

7 thoughts on “Today’s pathetic phishing SCAM allegedly comes from DHL.

  • Per Erling Pedersen

    Hei
    Same shit, different message ID (Meldings-ID: ),sendt to me in Norway. Sender: reports@dlh.com.

  • Hallo,

    I have received the same mail,it was sent to Poland. Sender is the same.

  • Please tell me what to do, I already opened it, since I was expecting delivery?

    • Wizard Post author

      You need a professional to remove these infestations, as they are complex. I use several commercially-available tools, but I have to fine-tune the installation of them to achieve thorough removal.

      After the tools complete their tasks, I still need to remove numerous registry entries and file system contamination before the computer is secure again.

      My advice is to research local providers (no chain stores or groups – and no GEEKS). Check out what the reviews say about these places before using them, as there’s a big difference in quality and customer service.

      We cover the entire D/FW Metroplex, but I cannot recommend anyone in another locale, as I’m not up to speed on all of the options.

      Best of luck in removing this nasty pest.

      Also, check your credit reports / bank accounts for suspicious activity.

  • The same email was received by 12 separate email accounts in our UK office. What gets me, users still click on the attachment even though they appear to know it looks suspicious.

  • I also received this pathetic email today (March 20th 2013, CET). In the From field it said “rolf heidenborg “. In the To field there was only a greater than symbol (as in math) but if I double click it the email is revealed as “pat.christensen@dhl.com”. So it was sent from rolf_e.heidenborg@bredband.net to pat.christensen@dhl.com and my own e-mail address was in the Copy (CC) field.

    Thankfully there was no attachment in mine. And looks to be redirected from that other guy. Mr. Rolf E. Heidenborg’s e-mail account has probably been compromised and it is sending out these stupid emails, probably without his knowledge.

    Bredband.net is registered to a ISP in Sweden. They provide Internet, web and e-mail services. I used to be a customer and I registered for a free e-mail account which I still use every now and then, but I have moved on to a different Internet access provider. They don’t seem to have a very good spam protection, if any at all. Because I receive a lot of this shit on this old e-mail address.

    Believe it or not but I have never had a single spam e-mail received on my Google Mail account ever since I registered for one. Surely I have had legit e-mails being marked as spam a few times, but it’s usually forum registration e-mails and stuff like that, nothing important anyway. But it’s only a matter of marking them as not spam and they pop back into the inbox.

  • AFAIK DHL Global Mail does indeed send parcels to the post office. At least where I am. But that’s probably because they don’t operate in this country. Of course the rest of it is still nonsense.

Leave a Reply