Almost but no cigar, you malware vermin

Here’s an email I just received. Can you spot the little signs that this is malware?

Dear customer!
The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly.

Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox!

Thank you,
DHL Global Forwarding Services.

attachement -> 23.9 kb

Here’s the little things that should clue you in that the attached zip file is malware.

Dear Customer! – Who addresses an email this way? If this were legit, DHL would have my name. Unless English is your second language, you know better than to end your salutation with an exclamation mark, too.

The courier company – Huh? DHL suddenly forgot their company name?

You may pickup the parcel at our post office personaly.[sic] – DHL would not refer to their facility as a “post office.” I would also hope a legitimate source would know how to spell “personally.”

Please attention! – More bad English. ESL is always a good sign the email is bogus.

ZIP – And finally we have the zip file attached. A legitimate email from DHL, FedEx, or UPS would have the tracking number and other details in the body of the email. If we weren’t fully convinced that this was all bogus, seeing the zip file attached should cinch it.

The subject line of the email was “DHL Customer Services. Get your parcel NR.5796”. I’ve never seen a package carrier who doesn’t love numbers. 5796 is a tad bit short. Normally package tracking codes or reference numbers are longer than your arm.

Keep your wits about you. Learn the signs of a malicious email.

  • Bad English
  • Unnecessary punctuation, often exclamation marks in hopes you’ll get excited, too.
  • No reply return addresses. Though some companies use them, customer service contacts usually don’t. Legitimate customer service contacts would usually rather deal with you by email and provide an address.
  • Things that just don’t add up like DHL forgetting its company name or referring to their facility as a post office.

Let’s be careful out there in the big scary interweb world, kids.


4 thoughts on “Almost but no cigar, you malware vermin

  1. In hopes of helping you sound more good, I humbly offer that malware is short for malicious software (a program). An email is not software and should not, therefore, be referred to as malware. The attachment, in all likelihood, contains malware.
    And now, my friend! I have this special offer from Microsoft and AOL, in connection from with the following: U.S. Dept. of Treasury, and my rich Nigerian cousin!!!

  2. I will not be a big fat cry-baby if you wish to remove this and my previous comment… To be completely honest, I will still be big and fat, but I won’t be a cry-baby.

  3. I just didn’t understand you comment, WNed. You had me re-reading the post, trying to see where I said the email was malware. The zip file attached was the malicious code. Just confused.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s