In the age of technology, businesses are increasingly relying on digital means of communication. Unfortunately, this has also opened the door to cybercriminals seeking to exploit vulnerabilities in company networks.
One such tactic is phishing, a fraudulent attempt to obtain sensitive information such as login credentials or financial information by disguising as a trustworthy entity.
In this report, we will focus on a specific type of phishing attack – the DHL delivery message email sent from NameCheap.
The email, with the subject line “Your parcel was not able to be delivered,” appears to be from NameCheap, a domain registry company, with senders displayed as hello@namecheap.com and support@namecheap.com. The email mimics the look of a DHL Express delivery notification, using the company’s signature branding and color scheme as a background. The message claims that a parcel delivery was not able to be made due to unpaid fees and instructs the recipient to pay the fee and track their parcel by clicking on an attachment.
However, this is a ploy by the cybercriminals to steal the recipient’s credentials. Upon clicking the attachment, victims are directed to a phishing page that resembles a DHL tracking website and are asked to enter their email address and password. The page is made to look more convincing with the inclusion of a background image depicting DHL courier vans and branding, but the domain address does not belong to DHL.
Delivery companies such as Australia Post, FedEx, and DHL are popular targets for phishing scams due to their reputation and large customer base. It is important for individuals and businesses to remain vigilant and protect themselves from these types of attacks.
DHL provides guidelines on their website for determining if an email is fraudulent. According to DHL, official communication will always come from a domain address ending with @dhl.com, @dpdhl.com, @dhl.de, @dhl.fr, or a country domain after @dhl. They never use free email services such as @gmail or @yahoo to send emails and never link to a website other than their own starting with https://dhl.com/, https://dpdhl.com/, or a country/campaign website.
In the event of receiving a suspicious email, DHL advises reporting the message to their Anti-Abuse Mailbox at phishing-dpdhl@dhl.com. They recommend forwarding the message as an attachment from a desktop computer with complete mail headers, or if using a mobile device, forwarding the message and reporting it as spam within the mail app.
MandyNews, your favourite blog, also urges recipients of the DHL delivery message email from NameCheap to delete it immediately without clicking on any links. They advise being cautious of emails that are not addressed by name, appear to be from a legitimate company but use poor English, come from unexpected businesses, or take the recipient to a landing page or website that is not the legitimate URL of the company.
To prevent these types of phishing attacks from compromising your business, MandyNews.com recommends investing in their predictive and advanced email security solution. This added layer of protection can safeguard sensitive information and prevent potential disruption to business operations.
