Phishing emails use DHL disguise to obtain credentials
A recent phishing scam, uncovered in Australia, used the guise of global logistics giant DHL in order to obtain victims’ addresses without their consent. The hackers created an email template, complete with DHL’s logo and colour schemes, and fooled numerous citizens.
As reported in a blog, the email was crafted in a manner that convinced the targets to enter their delivery address into the phishing system, handing out data to hackers. The email claimed that a package for the target was “undelivered”, and that DHL needed the exact delivery address.
The email also provided a link where the target needed to enter the said address. This page resembled the DHL login page and already had the login details filled. Once a user tries to log in using these credentials, the login fails – because this is a fake login page – and the credentials are harvested by the perpetrators.
Additionally, the email address from which this sham email is sent appears to be a valid DHL address. In reality, it originates from an overseas mail server which has been compromised.
These kinds of scams involving prominent retailers and delivery corporations have risen sharply with the increase in e-commerce services during the Covid-19 pandemic. The hackers craft their emails to look as convincing and credible as possible.
Despite these attempts, there are clear red flags in this phishing scam. The email is not addressed to the recipient personally, and the phishing page also does not have a domain name belonging to DHL.
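The red flags described above can be checked mechanically during mail triage. The following is an added example, not code from the report or from DHL: the allow-list `BRAND_DOMAINS`, the function names and the sample message are assumptions constructed for illustration, and the DMARC check goes one step beyond the two red flags named in the article to cover the forged sender address.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the impersonated brand really uses for mail and web pages.
BRAND_DOMAINS = {"dhl.com"}

# Constructed sample message (not taken from the actual campaign).
SAMPLE = """\
From: DHL Express <noreply@dhl.com>
To: recipient@example.org
Subject: Your parcel is undelivered
Authentication-Results: mx.example.org; dmarc=fail header.from=dhl.com
Content-Type: text/plain

Dear customer,

Your package is undelivered. Confirm your delivery address:
https://dhl.com.parcel-update.example/login
"""

def in_brand(host):
    """True only for a brand domain or a real subdomain of one.
    Suffix match on a label boundary, so 'dhl.com.evil.example' fails."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def red_flags(raw, recipient_name=None):
    msg = message_from_string(raw)
    body = msg.get_payload()
    flags = []
    # Sender claims the brand domain but the receiving server saw no DMARC pass.
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    auth = msg.get("Authentication-Results", "").lower()
    if in_brand(sender_domain) and not re.search(r"\bdmarc=pass\b", auth):
        flags.append("brand sender address without a DMARC pass")
    # Every link must resolve to a host inside the brand's own domains.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = urlsplit(url).hostname
        if not in_brand(host):
            flags.append(f"link host outside brand domains: {host}")
    # Generic greeting: the recipient's name never appears in the body.
    if not recipient_name or recipient_name.lower() not in body.lower():
        flags.append("not addressed to the recipient by name")
    return flags

if __name__ == "__main__":
    for flag in red_flags(SAMPLE, "Jane Doe"):
        print(flag)
```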
DHL advised their customers to keep a watchful eye over digital correspondence. The company said, “If you suspect having received fraudulent emails, SMS or found a website or social media account that tries to pass off as DHL, we encourage you to let us know at your earliest convenience so that we can quickly take actions to stop the fraud”. DHL even issued a real email address to contact in cases of suspected phishing activity.