DHL Ship Shipment Notification Email Scam - A Scammer is Phishing for Your Identity

Phishing and Vishing Identity Theft Scams
The "DHL Ship Shipment Notification" Scam
Redirects to website: www.las-sombras.de/images/index.php?get_info=ss00_323

You may have received an email like the one below that looks very authentic, like it came from DHL, or a phone call about the same subject. It is an attempt to get you to enter confidential information (typically a social security number, name, address, bank account information, etc., to allow the scammers to steal your identity and open credit cards in your name.

This email was not sent by DHL; DHL  is a victim as well. This is referred to as spoofing (making a fake email that looks legitimate, "phishing" (when by email) or "vishing" (when by telephone). If you receive an email similar to the one below, DO NOT click on the link, and do not enter any information on the forms there. It should be obvious from the subject line alone, which is gibberish: "DHL Ship Shipment Notification"

The website that the link leads to is a spoof; a fake website, not created by DHL. It goes to www.las-sombras.de/images/index.php?get_info=ss00_323, not DHL Ship Shipment Notification! When you enter the information they ask for, you will simply be handing the thieves the keys to your bank accounts.  That is how spoofing, phishing and vishing works.

Remember, no reputable business would send you an email or a phone call requesting your personal account information. Any such email you receive asking for this information should be considered phony and brought to the attention of the business being 'phished'.

Anytime you need to go to a website for your bank, credit card companies or other personal, financial or confidential information; do not follow a link in an email; just type their address in your browser directly (such as www.DHL.com )

Below are actual phishing emails that started circulating in early 2008. We have removed the links to the phisher's website, which is www.las-sombras.de/images/index.php?get_info=ss00_323

It is possible that the owners of the website (www.las-sombras.de/) are not involved, and that their server has been hacked, but the fact remains that this is the address the scam  goes to.


From: Support Team [mailto:support@littlecrowtradingpost.com]
Sent: Wednesday, April 24, 2013 2:19 PM
To:
Subject: Tracking Service

 

If the links are not working, please move message to  "Inbox" folder.

 

                                    DHL   

   23.04.2013                                                                     PACK STATION     

DHL Ship Shipment Notification

 

On April 22, 2013 a shipment label was printed for delivery.

The shipment number of this package is 05554873.

 

To get additional info about this shipment use any of these options:

 

1) Click the following URL in your browser:



                 
Get Shipment Info

 

2) Enter the shipment number on tracking page:



                 
Tracking Page

 

For further assistance, please call DHL Customer Service.

For International Customer Service, please use official DHL site.




Disclaimer:

This message was created by DHL Ship, a product of DHL, at the request

of the sender. No authentication of email address has been performed.



  Deutsche Post DHL                    2013 DHL International GmbH. All rights reserved.   






=======
Correo electr'nico analizado por PC Tools ' No se han encontrado virus ni spyware..
(Email Guard: 9.1.0.2894, Virus/Spyware Database: 6.21090)
http://www.pctools.com
=======

 


What is Phishing?

Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information such as account usernames and passwords that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.

Learn More About Phishing

The following documents and websites can help you learn more about phishing and how to protect yourself against phishing attacks.


Methods of Reporting Phishing Email to US-CERT

  • In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to phishing-report@us-cert.gov  and send it.
  • In Outlook Express you can also open the email message* and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message tophishing-report@us-cert.gov .
  • If you cannot forward the email message, at a minimum, please send the URL of the phishing website.

* If the suspicious mail in question includes a file attachment, it is safer to simply highlight the message and forward it. Some configurations, especially in Windows environments, may allow the execution of arbitrary code upon opening and viewing a malicious email message.


For more information about phishing, see this page.

 


 

For a comprehensive list of national and international agencies to report scams, see this page.