Chard Truck Services Limited

[Margaretha Palone]

Inthis article, we will analyze phishing and malicious emails sent by fraudsters that claim to come from international delivery services. The most popular of these are DHL (Germany), FedEx and United Parcel Service (USA), TNT (Netherlands). All of these companies are international, with millions of customers using branches in major countries all over the world. They provide similar services, so scammers use the same methods and techniques in their fraudulent mails.

Structurally, the address in the From field looks like this: Sender Name . To confuse recipients, scammers can change parts of the address and often make it look very similar to an official address of the delivery service.

While analyzing sender address, remember that scammers do not need to hack the company servers to use the real company domain in the From field. They can simply insert the necessary domain name of the server into the From field.

The subject of the fraudulent mail should capture the imagination of recipients and encourage them to open the message, but it also needs to be plausible. Therefore spammers choose common phrases typical of official notifications from delivery services. After sending a parcel or a document, customers worry about its successful delivery and try to follow its progress by reading any notification from a delivery service.

All major international companies have their own corporate style, including wordmarks, graphic trademarks, corporate fonts, slogans and color schemes. These are used on the official website, in mailings and commercials, and in other design components. Scammers use at least some of these elements when designing fraudulent emails to make them look convincing. Usually phishers focus on logos because these elements are unique to each company and is an immediate identifying mark.

In most official emails we find a number of set phrases, especially when it comes to standard notifications generated and sent automatically. These messages often include contacts and links to the official resources of the sender. Therefore, to make the text of the fake email look like an original notification from a delivery service the fraudsters use:

When fraudsters send out fake emails convincing readers that it is a real message is only part of the battle. The next step is to persuade the potential victim to do what the scammer requires, such as providing personal information or installing a malicious file. This is where psychology comes into play, and the email content is the main tool.

Assuming the fraudsters have convinced the recipients that the email is real, the next step is to tell the victims how to solve their problems. Fulfilling these instructions is the ultimate goal of the fraudulent email. Here it is important for the scammers not just to tell recipients what they need to do, but to make them understand correctly what is written in the message. To avoid any misunderstanding on the part of the recipients, messages often contains detailed instructions about what to do.

To mask the links leading to phishing websites the fraudsters often use popular free URL shorteners. In addition, most services offer customers the ability to view the statistics on the short link which tells fraudsters more about the number of clicks on any links etc. Phishing pages can be located on specially registered domains which usually have a short life span as well as on compromised domains whose owner may not even be aware that the web site is being used for fraudulent purposes.

Below is yet another example of an email sent on behalf of FedEx. This time it contains a malicious link. The email informs recipients that delivery is impossible because of missing information. And now users have to follow the specified link for verification.

The link leads to a fraudulent page where potential victims are invited to download a program that will supposedly check whether they are really going to receive a parcel. Naturally, the program turns to be the well-known Zeus Trojan, which helps the fraudsters to access the computer and all the personal information on it.

Scammers might not only include a phishing link in the body of the email, but also attach an HTML phishing page designed to steal personal data. However this use of HTML attachments as phishing pages is unusual for fraudulent mailings sent on behalf of delivery services.

Yet another mass mailing in Italian contained a malicious archive which included the Zeus/Zbot Trojan used to steal personal data. The fraudulent email claimed that the user profiles on the website had been updated and there was more detailed information about it in the archive.

Another fake notification written in Dutch on behalf of TNT informs recipients that new accounts have been formed for them, with details in the attachment. The archive attached to the email contains Backdoor.Win32.Andromeda, a malicious file that allows the scammers to control the infected computer without the user knowing.

Spam is one of the most popular ways of spreading malware and infecting computers on the Internet. Attackers have various tricks to make victims install malicious software on their computers. Email traffic includes a variety of private emails, such as wedding invitations, dating offers and other similar messages. However, fake notifications from well-known companies and brands providing different services remain the most popular cybercriminal trick. International delivery services are also used by spammers as a cover for malicious spam.

Current malicious programs integrate broad-ranging fraudulent functionality. In addition, some malicious programs can download other malware, providing additional opportunities. These might include stealing usernames and passwords entered in the browser or seizing remote control over the whole computer.

Malicious objects in fraudulent notifications can be embedded directly in the email or downloaded from a link provided in the body of the message. The most dangerous thing about it is that malware can be run and installed without users being aware or installing any software themselves. Typically, malicious ZIP (less often RAR) files enclosed in fraudulent emails have an executable .exe extension.

I got a FedEx shipment notice and ask me to click on shipment notice I did but nothing happened something was blocking it. I could not print it out. It did not ask me for any personal information. Am I safe or do I have to do anything or have my computer check. I have Kaspersky security. I am 80 years old.

Very informative and precise information. This will help a lot of people from scammers that are all over the place. With the technology today, we all should be getting services from reliable and trusted delivery service organizations.

I was to receive a package max owen United States of america and he send me some ticket parcel and the things in the package on 31/10/2020 a woman called at exactly 7.00am and she said my package had arrived that was after 3days time so I could make some clearance fee for the package I told her to send a picture of the package and she did she gave me another 0740787192 for Mariam noah ali so I could send 7,500 for clearance but I did not later on I went and googled Global city coriuer for more information and I took a number from the company and i called 0771432406 and a man received by the name zaddoc kaliwa odhiembo and he send me his number 0796159238 so I could send 5515for my clearance fee and I did send in 20minutes time he said that the package detected some foreign exchange so I pay 20,000 for them to reliese the package so I did not send the 20,000 but what I did was I told them to remain with the package.Will I get back my 5000??

this story happend to me exactly like it is today. i met someone through apps named KHEMKAENG CHAI. he said he is thailand who born in London and work in Rome italy as Mercedez Benz Engineer. We move to whatsaap, change instagram ( username: chai_khem_ ) and he was about to give me a birthday gift with Emergency Package so it can be delivered within 24 hours. He send his London ID Card ( now I knew it was photoshoped ), He also send me a video of his self walking on to the gym on the road. He also send a video he is in the Rome Fashion Store. which i was fall to his trick and believe him, so i gave him my address. and then the next day someone who act as a courrier text me and gave me info that I need to pay IDR 3.000.000 ( I send it) to the PERSONAL BANK ACCOUNT in my local bank for permit fee and excess weight. He is US Citizens and using +1 number to contacting me. He also ask for another IDR 2.000.000 ( I send it) to the same PERSONAL BANK ACCOUNT like before for law and trade because He said the receipent was sending me a lot of money in Envelope and it is crime. a few minutes ago, he ask me to pay IDR 5.000.000 ( I didnt pay) for tax of the money. If not, I will join to the jail. He also threathening me when I am about asking the Airway Billing Number, Payment proof of khem, His local logistic address in my country, and many more. On the other hand, khem was trying to make me believe that the courrier is trusted logistic named VALID DELIVERY EXPERT. He wants me to pay what The Courrier needs. and short story, they both were blocking me at the same time. Unfortunately, i have to lost IDR 5.000.000 million one day before my birthday. I also come to my local bank to freeze those PERSONAL BANK ACCOUNT so I can get my money back. but the process was so complicated that I need the Police Report and etc. I know this is a scammed where I found this website page and read a lot of reviews about this SCAMMER.

My fiance got a message in messenger from his friends account. They are offering you to apply for a government organization that gives grant money. Then they approve you but ask for money to be sent ahead of time to receive a package that contains cash. I reported them to DHL and to Facebook.

My fianc send me a documents package includes check and gold according to him delivery trust company can send packages to my place. Then after he send the delivery trust company send me message including the tracking no.(#)the first track is in Bamako Mali then Rome or Germany I cannot remembered. The last tracking was in north Korea infection then then was on hold in North Korea! US is not diplomatic in north Korea asking me money for taxation in North Korea $6,500! What do you think about this!? Need help to get to know if is scam!?

3a8082e126