Fake “DHL” Email Targeting Australians You Should Never Open
Australians should beware of phishing emails masquerading as the delivery company DHL and aimed at stealing personal and banking information from victims.
Email security software platform MailGuard said it intercepted emails that looked like delivery alerts asking recipients to “complete shipping transaction” to get a package delivered that didn’t. does not exist.
“Dear customer, you have a package awaiting delivery to Terminal 1! of [sic] unpaid shipping charges, ”the email read.
“Please complete the shipping transaction.
“Confirm the payment of AUD 2.99 for the shipment to be able to deliver it,” he continues.
The email also comes with a warning that the package will be returned to sender within 48 hours if no action is taken.
MailGuard has warned that users who click on the hyperlinks will be sent to a fake page using the DHL brand that asks them to enter personal information such as their name, phone number and home address.
Users are then taken to the next page, which asks for their credit card number, expiration date, and CVV.
“The domains used in the URLs of these pages, however, do not belong to the shipping company. These are in fact phishing pages hosted on a domain which appears to be designed specifically for phishing purposes, ”MailGuard warned in its latest .
“Once users submit all of the information required by these pages, the attacker will harvest it for later use.”
Under no circumstances should users click or provide their contact details, the software platform warned.
“We strongly recommend that all recipients delete these emails immediately without clicking any links.”
Scams tend to increase as they approach year-end, according to MailGuard, with many people likely shopping more online and anticipating packages due to deals and sales.
“We’re all eager to shop on time, so we might not think twice before clicking a link in package delivery notifications,” MailGuard said.
Email uses certain techniques, such as creating a sense of urgency by asking users to act within 48 hours, to motivate people to enter their bank details without thinking.
Additionally, the inclusion of bogus features like a fake verification code improves the perception that the email is real.
But there are many factors that indicate the email isn’t real, such as missing first name (“dear customer”), spaces, and grammatical errors.
If you received this email, forward it to DHL at address.
“We never use @gmail, @yahoo or other free email services to send emails.
“We never link to any website other than our own, for example starting with https://dhl.com/, https://dpdhl.com/ or a country / campaign website. “