
Nastygram: Bogus DHL e-mails harbor secret message


A recent spam run that tries to distribute malicious software disguised as a DHL package tracking number contains a poorly hidden message that insults the Security Fix author by name.

According to an analysis by security firm Sophos, the messages arrive as a "Dear Customer" notification stating that the courier company was unable to deliver a parcel to the recipient's address.

The message urges recipients to click the attached "shipping label" for more information, and of course the attachment is a malicious program designed to steal the curious victim's passwords.

Sophos said the tracking number cited in the messages appears to be a jumbled mush of letters, but closer inspection reveals an insult aimed at this author. (Suffice it to say, it is off-color enough that it cannot be repeated here.)

Sophos's Graham Cluley writes: "I find it hard to believe that the hackers' choice of tracking reference number can be a coincidence, even if they did transpose two characters by accident."

Thank goodness these scammers still haven't learned how to spell.

By Brian Krebs  |  November 30, 2009; 8:00 PM ET
Categories:  From the Bunker  


I suppose in a strange sort of way it is a compliment. If the scammers didn't feel threatened, they wouldn't bother to try and insult you.

Posted by: jackrussell252521 | December 1, 2009 9:05 AM

This is why I don't write about all the malware I see every day: their next step, seeing as this is the Russian Mob we're talking about, will be far less benevolent.

Posted by: williehorton | December 1, 2009 10:23 AM

It wasn't me, I can lleps.

Posted by: gannon_dick | December 1, 2009 5:46 PM

I worked with a person from an Eastern European country and he said that they all get in-depth computer training in school. He was a history major and he was programming elegant applications here in the States.

What you have are kids that are extremely computer literate with no jobs in their field of interest or the pay is so low that doctors come to the US to wash floors at Walmart. Some become computer bandits or computer anarchists.

Posted by: Beacon2 | December 1, 2009 6:00 PM

Brian, consider yourself complimented! Wear it like a badge of honor!

Posted by: sw11231 | December 2, 2009 12:09 AM

So, people still click on links in emails?! I guess in this case, all they have to do is view it? And they have html/images enabled?!!! They're lucky if they didn't already get a virus with that step alone!

Just how DO we get messages to people who live under rocks! LOL! [rolleyes]

OTOH, if I had addresses for those people, I'd gladly send them requests for some money, they are obviously gullible enough to just send it to anyone! [headbash]

Posted by: xairbusdriver | December 2, 2009 11:59 AM

The comments to this entry are closed.


© 2010 The Washington Post Company