Shane Chambers No Comments

DHL Phishing Campaign Found to Contain New Strain of Malware

Every year, the number of phishing scams seems to be increasing, with the malware-ridden emails getting continually more sophisticated and convincing. The latest global phishing campaign, purporting to be from international courier giant DHL, has been tricking users into opening a fake PDF attachment – and subsequently unleashing a previously unseen piece of malware to wreak havoc on their PCs.

Cyber criminals are taking advantage of DHL’s worldwide reputation and brand recognition in order to distribute a previously unseen strain of malware, named Muncy. Once the user downloads the fake PDF attachment, the trojan sneaks onto their PC and begins scanning the C:/ drive for any files containing sensitive data.

Once it has completed its scan, it then sends back any data found to the criminals’ server, where they can attempt to steal the user’s money, impersonate them to commit identity fraud, or even request a ransom from them to not release the data publicly.

So how do I recognise this email if I get it? Well, the first question you should ask yourself if you receive a mail from DHL is if you’re expecting a parcel from them. Getting a parcel delivery notice when you’re not expecting any deliveries is always a sign that the email may not be genuine.

For this scam in particular, they have taken advantage of some of DHL’s mail servers to make the emails appear as if they are coming from [email protected](.)com, so they can look quite genuine. The subject of the email is reported to be ‘DHL SHIPMENT NOTIFICATION’, although this may be subject to change if people start to catch on.

The most important thing to bear in mind is to never open links or download attachments in emails that you suspect are not genuine. Most companies like DHL will instead email you a tracking number that you can independently put into their website to see where your delivery is, rather than send you a PDF out of the blue. Almost any attachment can be dangerous (.txt files are usually safe, but even these have now been exploited to contain malware). That means .exe files are not the only files that can execute on your PC and install malware.
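For mail administrators, the "fake PDF" point above can be checked mechanically by comparing an attachment's claimed extension with its leading bytes. The following is an added example, not part of the original post; the sender address, file name and attachment bytes are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes ("magic numbers") of the file types we want to tell apart.
SIGNATURES = {
    "pdf": b"%PDF-",
    "windows executable": b"MZ",
    "zip/office document": b"PK\x03\x04",
    "legacy office document": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",
}

def sniff(data):
    """Return the file type implied by the first bytes, or 'unknown'."""
    for kind, magic in SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def triage(raw_email):
    """Return (filename, actual_type) for attachments named .pdf that are not PDFs."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        actual = sniff(data)
        if name.lower().endswith(".pdf") and actual != "pdf":
            findings.append((name, actual))
    return findings

def build_sample(payload):
    """Build a constructed delivery-notice email carrying `payload` as shipment.pdf."""
    m = EmailMessage()
    m["From"] = "notifications@courier.example"  # made-up sender
    m["Subject"] = "DHL SHIPMENT NOTIFICATION"   # subject reported in the post
    m.set_content("Your parcel is on its way, see attached.")
    m.add_attachment(payload, maintype="application", subtype="pdf",
                     filename="shipment.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    # Constructed payload: executable header bytes hiding behind a .pdf name.
    print(triage(build_sample(b"MZ\x90\x00" + b"\x00" * 32)))
```

A mismatch is a reason to quarantine the message for review; a match does not prove the attachment is safe.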

If in doubt, throw it out. Be sure to always think before you click anything in an email. If someone, even a trusted friend or colleague, sends you an email asking you to do something you wouldn’t normally, confirm with them over the phone (not text) or in person before you take any actions.

Phishing scams are getting increasingly sophisticated and common, fooling the filters of consumer-based email providers such as Gmail and Hotmail, and even slinking past corporate providers such as Office365 and some advanced email filtering solutions.

For businesses, we would strongly advise cyber security awareness training be provided to all staff as a key tenet of your security practices – doing so can be the difference between avoiding a cyber attack and being the subject of a costly data breach and GDPR fine.

Shane Chambers No Comments

ALL 2.2 Billion Facebook Users May Be Open to Social Engineering Attacks

It’s been a bad year for Facebook so far. They recently revealed that they may have improperly shared the details of 87 million users with a third party, the now-infamous political consulting firm Cambridge Analytica. Then, on Wednesday, Mark Zuckerberg himself admitted during a press conference that “malicious actors” may have taken advantage of Facebook to obtain the public data of all or most of Facebook’s 2.2-billion-strong user base.


Social Engineering has become a larger problem for businesses and consumers alike over the past few years. So what does it mean if cyber criminals have access to your public data?


Shane Chambers No Comments

Macro Malware: A Common Weapon for Phishing Attacks

A macro is a small piece of code that runs within a software program such as Microsoft Word or Excel, and is normally used to automate common or repetitive tasks. Macro malware is the practice of hiding malicious code in a macro and enticing unsuspecting users into downloading a Word or Excel file and running the macro within it, which will then download a virus, malware or even ransomware onto that person’s PC.

Macro malware was common during the 1990s, but lapsed in popularity through most of the 21st century as increasingly savvy PC users learned how to spot the spam or phishing emails that delivered it, which were often riddled with typos. Nowadays, however, macro malware is seeing a big return due to two factors: phishing emails are becoming increasingly sophisticated and no longer have obvious typos in them, and ransomware – a very profitable form of malware for criminals – can be easily downloaded via a macro, leading to entire networks being encrypted and held to ransom.

It is now critical that all users understand the threats that macro malware can pose, particularly to their organisation, and learn how to spot the attacks before it’s too late.


Excel files are a common means of transmission for macro malware, which can download ransomware to infect entire networks at a time
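Macro-carrying Office attachments can be flagged before a user ever opens them: modern Word and Excel files are ZIP archives, and any VBA macros are stored in a part named vbaProject.bin. The following is an added example, not part of the original post; the sample workbook is a constructed archive with placeholder contents, not a real spreadsheet.

```python
import io
import zipfile

# Header of the legacy binary Office container (.doc / .xls).
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"

def macro_risk(data):
    """Classify attachment bytes by whether they can carry VBA macros."""
    if data.startswith(OLE_MAGIC):
        # Legacy files may embed macros; confirming that needs a dedicated
        # parser, so treat them as needing further inspection.
        return "legacy-format"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        names = [n.lower() for n in archive.namelist()]
    # Word stores macros in word/vbaProject.bin, Excel in xl/vbaProject.bin.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "macros-present"
    return "no-macros"

def build_workbook(with_macro):
    """Build a constructed ZIP laid out like an Excel workbook (placeholder data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            # Placeholder bytes standing in for a compiled VBA project.
            archive.writestr("xl/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue()

if __name__ == "__main__":
    for label, blob in [("macro workbook", build_workbook(True)),
                        ("plain workbook", build_workbook(False)),
                        ("legacy file", OLE_MAGIC + b"\x00" * 8)]:
        print(label, "->", macro_risk(blob))
```

A mail gateway can use the result to hold "macros-present" and "legacy-format" attachments for review rather than relying on the file extension alone.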


Shane Chambers 2 Comments

Social Engineering

Social Engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. The hacker might use the phone, email, snail mail or direct contact to gain illegal access. Phishing, spear-phishing and CEO Fraud are all examples.

How does it work? It is often as simple as an email asking you to view an invoice, check out suspicious logins on your account, or even update your password. Cyber criminals will make these emails look as legitimate as possible, and then use social engineering to convince you to carry out the action without second-guessing it. In more advanced attacks, such as spear-phishing, the emails may even appear to come from within your organisation. All of this is to convince you to do something that would allow hackers to infect your PC with ransomware or other forms of malware. Often, criminals will attempt to convince you that their email is ‘urgent’, and that something bad will happen if you do not click the link, such as you being locked out of one of your accounts. This tone of urgency is a classic social engineering ploy, and is a big factor to look out for when you suspect an email may not be legitimate.

Remember: Always Think Before You Click