[SingCert] Increase in Occurrence of Phishing Emails from 'Logistics' Companies

Published on Friday, 23 June 2017 14:51

Background
Recently, SingCERT has noted an increase in the number of reports on phishing emails sent from fake logistics companies.  

Phishing is one of the simplest and more effective ways of obtaining sensitive information from users. The information includes passwords, bank account details and credit card details. A phishing email works by preying on the curiosity of users, convincing them to click on suspicious links or opening file attachments. Phishing emails are becoming increasingly well-written and appear legitimate. Hence, users need to exercise caution. 

An example of one such email is given below. 

Example

From: DHL EXPRESS
Sent: Sunday, 18 June, 2017 12:32
To: <Target Email>
Subject: Dear <Target Email>, Your shipment at our head office
Attachment: ShipmentReceipt.RTF

Dear Esteemed Customer with email address <Target Email>

Your package arrived our regional Office here since last week, however the details provided for dispatch are incomplete / incorrect.

Download attached Shipment Receipt, Track and correct address to enable us proceed with the delivery to your office address.

Yours Sincerely,
Customer Service
DHL GROUP

Impact
For this particular sample, the email attachment contains a malicious code and will result in the downloading of malwares that will infected the target’s device.

Recommendations

  • Do not click on links or open attachments from unsolicited or suspicious emails
  • Inform your ISP if you receive such suspicious emails
  • Do not provide personal information online unless you have verified the authenticity of such requests
  • Change passwords if user has you have unknowingly entered them into the phishing page
  • Inform your bank if you have provided your banking details or credit card credentials 
  • If you have accidentally clicked on a link, run a virus scan immediately

References 
http://www.dhl.com.sg/en/legal/fraud_awareness.html#brand_use
https://www.ups.com/us/en/help-center/legal-terms-conditions/fight-fraud/recognize.page
http://www.fedex.com/us/security/prevent-fraud/index.html
https://www.csa.gov.sg/singcert/news/advisories-alerts/phishing-emails-about-gebiz-and-singnet
https://www.gosafeonline.sg/password_security_and_management