Home » Articles » Internet

Is DHL_Information.exe A Virus?...

I receive an email from Yahoo today claiming that it comes from DHL Delivery Service using an email address:<federal.s.nr0730@dhl.com>. Together with the email is a file attachment with a filename of DHL_Information.exe. See the picture below how it looks like:

Take note of the

And here is the full message of the email I received:

The company could not deliver your package to your address.
The package was returned to DHL office.
Information about your package is attached to the letter.
Look through the information about your package thoroughly.

Thank you for using our services.
DHL Global Services.

At first, I don't know if this is a virus. And I didn't even email to DHL and didn't have any transaction from someone who will be delivering his/her package to me thru DHL. But when I search the net, I found out that it is truly a virus. That's why I didn't click the file.

If you receive the same kind of email, please don't trust that email or don't even bother to download its attachment especially if the file attachment is a .exe (executable) file.

Here are the details about this virus coming from blog.onlymyemail.com.

Just in case anyone is confused about the latest round of emails claiming to now be coming from DHL, let’s make it clear that if they contain an EXE and a ZIP attachment then they’re viruses.

Subject lines for this campaign are fairly similar, with a randomized number tacked onto the end to help avoid simplistic spam filters:

  • DHL Office. You need to get a parcel NR.0026
  • DHL International. Please get your parcel NR.7346
  • DHL International. Get your parcel NR.0883
  • DHL Express. Please get your parcel NR.1374
  • DHL Customer Services. Please get your parcel NR.7148
  • DHL Express Services. Please get your parcel NR.0062
  • DHL Express. Get your parcel NR.1289

And the "spoofed” from addresses are pretty consistent as well, claiming to come from a handful of variations on the DHL.com and DHL-Usa.com domains, with random fake names inserted as well:

  • "Support Pearl Dodson” <delivery@dhl-usa.com>
  • "Support Kelli Wesley” <package@dhl-usa.com>
  • "Support Emile Beal” <courier@dhl-usa.com>
  • "Support Barry Mansfield” <parcel@dhl-usa.com>
  • "Manager Ira Mccray” <office@dhl.com>

The email itself is generally consistent as:

Dear customer!

The courier company was not able to deliver your parcel by your address. Cause: Error in shipping address.

You may pickup the parcel at our post office personaly.

The shipping label is attached to this e-mail. Print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox!

Thank you,

DHL Delivery Services.

Finally, the attachments, which carry the actual virus payload, are also easy to spot, claiming to be labels, with one an "exe” and the other a "zip” compressed file:

  • DHL_Label_Nr27481.zip
  • DHL_Label_Nr27481.exe

The virus campaign itself is spread by infected personal computers connected to the Internet worldwide, and as diverse as:

  • static.telewest.net ([]
  • static.netvigator.com ([]
  • dyndsl.versatel.nl ([]
  • dsl.monaco.mc ([]
  • [] (helo=corporat190-025249084.sta.etb.net.co
  • [] (helo=cliente-72119.iberbanda.es)
  • [] (helo=152.subnet125-164-85.speedy.telkom.net.id)

Opening or executing either of the attachments will result in adding your own PC to the list of infected spam zombies that are distributing this attack.

So be warned. Never open any .exe file from an email coming from anyone you don't know or from a suspicious email address. Virus can damage your computer, and worst can hack or gather very vital information of your computer files such as bank accounts and passwords.

If you have the same kind of experience, please share some tips and advise to others, so that they will also be informed and not to be a victim.


Please support us in writing articles like this by sharing this post

Share this post to your Facebook, Twitter, Blog, or any social media site. In this way, we will be motivated to write articles you like.

--- NOTICE ---
If you want to use this article or any of the content of this website, please credit our website (www.affordablecebu.com) and mention the source link (URL) of the content, images, videos or other media of our website.

"Is DHL_Information.exe A Virus?" was written by Mary under the Internet category. It has been read 4748 times and generated 0 comments. The article was created on and updated on 13 November 2010.
Total comments : 0