Published: 13th of July, 2022.Last updated: July 13, 2022 at 16:37 pm
This morning, I received an email that appears to have come from “DHL Express.” The subject line read, “CONFIRMATION OF SHIPMENT FROM DHL.” When I opened it, it read:
Dear (my name), CHECK ENCLOSED ATTACHED FILE FOR CONFIRMATION. Shipment Recipient: This shipment can be cleared only by: email@example.com. Regards. DHL Express. Thank you for shipping with DHL Express!
At the bottom of the email was a document named “DHL-parcel.html” which I am asked to download. Upon downloading the document (and you shouldn’t because it could contain viruses), I opened it, and it asked me to sign in to Yahoo Mail. The page is cleverly disguised to look just like the Yahoo Mail page, and you could easily think that it is, but it isn’t. This is called “cloaking,” and the hacking technique may be described as “phishing.”
If I only typed in my email address and password, the information would be passed to the hackers via keyword loggers installed in the phishing page. After hackers hack my email, they can then gain access to more sensitive information such as credit card, banking, Facebook etc., and even steal my identity. That is why we need to be careful on the internet.
The scammers were so clever in disguising the email to make it appear as though it comes from DHL that it was hard to tell that it didn’t. However, being an IT expert, I was able to cipher it out. One of the ways to do this is to try to reply to the email and see the address to which you are replying. In the case of a scam, the email will have nothing to do with DHL, as in this case. But sometimes, hackers are able to cloak their email addresses to make it look like a DHL address, and it would take a technology professional such as myself to recognize the scam.
Here are a few tips. If you receive an email from DHL but are not aware of having bought anything online that is being shipped by DHL, and no one is sending anything to you by DHL, chances are, it’s a scam. If in doubt, you can call DHL to find out if they are trying to contact you by email.
Share this email to save someone from being a victim of online hacking.