[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Amazon - DHL - problem

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Amazon - DHL - problem
From: Martijn Grooten <sweetwatergeek@xxxxxxxxx>
Date: Tue, 7 Feb 2012 12:07:08 +0000
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=/hvmmOKNS8+OstQ6A4PIPd5CI6y4kTJhkzQ61iQzuWM=; b=oj8VJRs5JWU5Wgb1BjZOiFxtZT254UfMfqszCX7DKO+KaEMcVnauokvqfZMLS3eMYC 9ZwszgJ7CQmiwSxbgFaW1fa45Vp0Y1gTr9UOapMUmB91gyPLygA3gFORAzCUap+klC4B 04x/kuGSHY8OBrDE3ZJwgHQCeRR1CVF6cZzxU=

On Tue, Feb 7, 2012 at 11:44 AM, Neil Winchurst wrote:
> I do not know if DHL do courier work for Amazon, but even so, they are
> unlikely to email someone directly. Anyway, how would they know the
> email address?
>
> How did the scammer know about the order anyway? And how did he know my
> friend's email address?

Parcel spam has been going around for years; quite commonly with
malware attached. In some spam traps this morning I found "DHL Express
Parcel Tracking Notification" and "DHL International Notification for
shipment" - and then I only searched for DHL in the subject lines;
they are common for other couriers too.

Many people order things on the Internet and thus many people who
receive such an email think it is about that order they recently
placed. That is why this is such a successful way of making people
open attachments. Did the email he received really mention his name,
or his order or was it generic? I doubt the former was the case; I
certainly have never heard of that for your average Internet user.

I don't know if Amazon uses DHL; they use multiple couriers and change
quite a lot. I also don't know whether DHL sends emails concerning the
order (probably not, that would be Amazon's doing). What they, or any
other courier, would never do* is require you to open an attachment
rather than clicking on a web link/going to their website.

* 'Never' as in: hardly ever, and if they would, they deserve you to
discard the email.

Your description of "his hard disk was trashed" sounds 'interesting'
btw, as it's not quite common for malware to do serious damage (as
it's hard, though not impossible, to monetize doing damage).

> Yes, my friend does use Windows, though I do not know which version. If
> he had been running Linux would the scam program still have run
> successfully? I ask this because I could perhaps talk to him about
> moving to Linux to avoid such problems, if it would indeed be safer,
> once his computer is sorted.

Yes, using Linux would have significantly reduced the likelihood of
damage. It is hard to measure "security" of operating systems and I
personally doubt Linux is more inherently secure than Windows, but its
low market share, especially among the less tech-savvy, means it is
uninteresting for those writing the malware.

Martijn.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] Amazon - DHL - problem
- From: Neil Winchurst

References:
- [LUG] Amazon - DHL - problem
  - From: Neil Winchurst

Prev by Date: Re: [LUG] Amazon - DHL - problem
Next by Date: Re: [LUG] Amazon - DHL - problem
Previous by thread: Re: [LUG] Amazon - DHL - problem
Next by thread: Re: [LUG] Amazon - DHL - problem
Index(es):
- Date
- Thread