DHL scam is connected to some fake delivery notice text message. DHL scams, including related emails, messages, and websites, are shown in this article. If you see a suspicious DHL text message 2021 know that it is a DHL phishing scam from a Fake sender. If you suspect your computer device to be infected, scan your system with a security program.
DHL Scams are quite widespread across the World. From specially crafted websites that push such scams, to specific messages sent to targeted email addresses, the DHL brand has been used in DHL scams for nefarious reasons. Such reasons include stealing DHL credentials, personal information, or pushing malware with a hidden agenda in most cases.
More and more users fall victim to these scams as they are recurring and keep reappearing every few months. That is due to the fact that every new variant of a scam tends to mimic DHL closer than before, making it more believable with each new attempt.
Ultimately, you will be asked to login or visit a URL address and do some action or pay for a shipment via another service. You should avoid any links other than the official DHL ones, and you will see how you can differentiate between them and the ones used in scams in this article.
DHL Phishing Scams Summary
| Name | DHL Scams |
| Type | Phishing, PUP, malware |
| Short Description | Phishing messages trying to trick you into clicking links to get redirected. Once redirected you will be asked to do an action, such as providing personal details, data about credential information or fill in a form. In some cases, clicking a link will download malware on your PC. |
| Symptoms | You receive an e-mail message that is allegedly from DHL. You will be urged to click on a link. You can then get malware on your computer or get redirected from link to a landing page mimicking the DHL website asking you to fill in information. |
| Distribution Method | Phishing Emails, Pop-up messages, Redirects |
| Detection Tool |
See If Your System Has Been Affected by malware
Download
Malware Removal Tool
|
November 2020 DHL Phishing Messages Update
Check Point Research staff made a thorough analysis of the popular phishing scams that are being used against web users the most. It appears that the top places are held by Microsoft and DHL. According to their statistical information, the main point-of-intrusion includes email messages and brand impersonation techniques.
To a large extent, these attacks are becoming more and more prevalent due to the rise of remote workers amidst the COVID-19 pandemic. Some of the detection techniques which are used to identify potentially fake DHL messages rely on the checking of several attributes. The phishing email messages may notify the recipients that they are receiving a shipment without quoting a valid tracking number.
A principle method that is widely practiced by hacking groups is the manipulation of users into making them open files, making them believe that this is required in order to show the tracking number. In reality, this will lead to a virus code execution.
Another frequent DHL-related fraud is the sending out of notifications that ask for payment of goods prior to the delivery. The company does not collect payment of goods ordered from merchants.
DHL Fake Delivery Notice Text Message
Most times, a fake delivery notice text message is delivered via DHL scam emails. Such emails are more frequent than in the past as users order online more these days. Users are reporting DHL Text messages inside scam emails by the dozen. The modus operandi of the DHL scam emails has not changed drastically, although a phone number might be involved, making for a DHL scam call every once in a while. If you have any doubt and if the emails you have received are indeed DHL scam emails , look no further – in this article, we have gathered the most common of these scams, what they do and how to protect yourself from them.
DHL Scams – Distribution Ways
Those might distribute via a third-party installation setup. Applications connected to DHL Scams can intrude your computer, without your knowledge of that. Installer setups like those could be set by default to install additional components. Bundled packages and freeware setups regarded as PUPs could be distributed and push scam messages to your PC and browsers. To avoid installing unwanted applications, you can to search for the Custom or Advanced settings. If you find such, you could probably deselect anything you do not want on your machine.
Note! These types of DHL Scams were seen to be pushed via e-mail address messages on a large scale as seen on the below screenshot. Beware of any messages that have links to DHL services that you don’t remember using.
DHL Scams might distribute itself by using similar websites that are hosting phishing landing pages. Websites like those use the DHL brand without permission, and to an extent, you might not differentiate the original with the fake website. Clicking on just one redirect link or an advertisement could send malware to your computer system. Banners, pop-ups, and more kinds of adverts could be placed on top of browser pages to push more links and phishing messages. Any browser could be affected and any operating system for that matter.
DHL Scams
Many scams related to DHL are circling the Internet nowadays and seem to increase every month. This article will reveal the vast majority of scam types, which suggest that you have to use the DHL Service in some way or form to receive some shipment or reward via the service. The scam is not exactly new as versions of it can be observed from years ago. Although, every year, the scam gets more and more sophisticated and has built higher popularity amongst users. People that fall victim to such scams are surprisingly growing instead of decreasing.
Websites that are hosting such DHL Scams can load pop-ups and other advertising content as you are browsing to help popularize it. Heaps of advertisements might show, promoting a way to obtain a shipment or something else via the DHL brand.
DHL Scams – Ursnif Malware Delivery
A separate attack campaign has been detected in early December 2018 which uses the DHL phishing scam as the conduit to spread the Ursnif Trojan. According to the released information, the intrusions are being done in targeted waves. The reported infections seem to be focused against Italian users. An example subject line is the following “”VS Spedizione DHL AWB 94856978972 proveniente dalla GRAN BRETAGNA AVVISO DI GIACENZA”. The email messages display the typical DHL scams as stated above; some of them may be personalized in order to fool the recipients into interacting with them. The dangerous payload is attached directly to an archive file. When it is opened, it will reveal a .js (JavaScript) file. When launched, it will initialize the infection script.
When this is done, the infection script downloads a dropper, which will first generate a lot of Internet traffic that may seem random. This is done in order to make detection more difficult.
In the end, the dropper will download and extract an extract a second-stage file. It will establish a connection with a hacker-controlled server, which uses signatures that are identical with Ursnif malware samples. Further information about the Ursnif malware samples detected in the DHL scams reveals that the third-stage of the malware also installs itself as a persistent threat. This means that it will manipulate the Windows Registry, making it very hard to remove.
This infection allows the hackers not only to spy on the users but also execute commands, hijack their data and take over control of their machines at any given time.
“DHL Parcel Arrival Notification” Scam
This scam is a recurring one, which means that it keeps showing up, year after year, months after months. The scam shows you a notification of a “DHL Parcel Arrival“.
You can preview a variant of the DHL Parcel Arrival scam message below:
From the above image, you can see an email message with stating that you have a DHL Parcel awaiting delivery. That message can also be sent via SMS to targeted phone numbers, containing nearly the same message. Here is what such a message contains:
From: DHL Express [fake mail redacted]
Date: Sat 20/05/2017 14:37
Subject: Attention: You have 1 New Parcel for delivery
Attention:
You have 1 New Parcel for delivery. Our courier was unable to deliver the parcel to you due to incorrect delivery details.
To receive your parcel, Please see and check attached shipping documents.
CLICK HERE TO VIEW STATUS
With kind regards, DHL Express
…………………………………………………………………………
CONFIDENTIALITY CAUTION: This message is intended only for the use of the individual or entity to whom it is addressed and may be confidential in nature. If you are not the intended recipient, please notify us immediately by return email, and please do delete this message. You should not disseminate, distribute, copy, or disclose any information contained herein to any third party. **Please consider the environment before printing this email**
Somewhere inside the message there will be a link. That link may look like the official URL address of the DHL service but do not get fooled. The link will redirect you to a phishing page that may look very similar to a legitimate DHL-hosted page, but has a suspicious URL that is not located on the official domain. In this case, the link shown above will land you on a page with a long address, such aa one with lots of symbols like numbers and random letters, as seen in the below screenshot:
Afterward, you will be prompted to enter your email address and password to the DHL service. In case you are wondering why, it is due to the fact that the cybercriminals want to steal your DHL account and related online identity. If you proceed and enter both of these details, you will be redirected with a message that you have entered an “invalid password”, tempting you to enter your details “correctly” and carefully. If you go the rounds one more time, you will get the following page to display:
Here is where you should get suspicious. Why would the company need your address sent again, if you indeed ordered something? In case you did not get suspicious and went on and filled the details on that page as well, you will finally get redirected to the official page of the DHL website. You should be wary of any such websites, and if you doubt the contents of a message that is supposedly from DHL you should ask your family household if anybody ordered something via the service or login by entering the official URL into the address bar.
“DHL Shipment Notification” Scams
The DHL Scams have many variations, but what you will see the most are the following messages, displayed in the below screenshots:
” DHL Shipment Notification” scams will generate an email message with content of something in the lines of the following:
From: DHL Customer Support [support fake email]
Date: Thu 30/03/2017 14:58
Subject: DHL Shipment Notification : 1860915879
Attachment: _Dhl_expr._DATE201703.zip
Body content:
Notification for shipment event group “Delivered” for Thu, 30 Mar 2017 14:57:31 +0100.
AWB Number: 1860915879 Pickup Date: Thu, 30 Mar 2017 14:57:31 +0100 Service: N Pieces: 2 Cust. Ref: G Description: DOMESTIC EXPRESS
Ship From: Ship To:
NBL S. A. NA * – 49796 NAEVENT CATEGORY Thu, 30 Mar 2017 14:57:31 +0100 – Shipment delivered – Signed By – M C
Shipment status may also be obtained from our Internet site in USA under [fake URL address] or Globally under [fake URL address]
Please do not reply to this email. This is an automated application used only for sending proactive notifications.
You are receiving this email because a notification is configured to receive notifications from Proview.
The left of the above screenshots shown above depicts one of the scams involved with the spoofing of the DHL brand, stating that some documents are ready for download and that a package you ordered is on its way. Inside that note, a link will be provided. That link might redirect you to an address that downloads a malware payload on your computer. Another example would be an attachment that goes along with the email that contains a file (usually an executable or JavaScript file disguised as a document). Such an attachment will also, in most cases, download a malicious payload aiming to infect your computer system.
However, most of the time, these messages aim to do the same procedure as the one previously described on the “Parcel” type of scam. That procedure involves redirecting you to a phishing landing Web page and stealing your information (including personal data and credential details). After you input the details on any similar page, you will get your DHL account hijacked, or even worse – your identity is stolen and used for other online purchases.
Another Phishing Scam that has been seen in July 2018 is the following email:
Dear customer,
Your Shipment has just arrived at our Regional Office and ready for delivery today, but we were unable to confirm your delivery address.
Please Download and print the attached receipt to duly complete the Identity check required for verification of your delivery address and forward to nearest DHL office.
Your shipment will be on hold Until the security check is completed.
Please endeavor to be as accurate as possible to reduce time of clearance and recipient confirmation.
NOTE: IF YOUR PACKAGE IS NOT DELIVERED OR PICKED UP WITHIN 48 HOURS, IT
WILL BE RETURNED TO THE SENDER. CONTACT US FOR FURTHER ASSISTANCEThank you for using our services.
Best regards,
Ellen Liu.
DHL Express Services(c) 201-2019 DHL International
1 attachments (total 53.9 KB)
[1]CONFIDENTIALITY NOTICE: This message is from DHL and may contain
confidential business information. It is intended solely for the use of
the individual to whom it is addressed. If you are not the intended
recipient, please contact the sender and delete this message and any
attachment from your system. Unauthorized publication, use,
dissemination, forwarding, printing or copying of this email and its
attachments is strictly prohibited.
A user with a nickname Al Crosby reported it in the comment section of this article.
Do not believe in messages that look suspicious and when you do not recollect if you indeed ordered something described inside the messages. Beware of such scams as they try to look like the delivery brand more convincingly by using similar or the same design as the official site network.
Below you will see how to differentiate the usage of the DHL brand from scams and the real thing. You will also find tips on what to do or not do to avoid getting scammed. You should also scan your computer if malware is causing such messages to show up on your computer screen.
DHL Scams are prominent in August 2019 as much as in the past. They are phishing types of scams that aim to trick you into clicking on links, download malware, and malicious activities. Such scams are mainly pushed via email, as users are not expecting scams in their letters, even if these are located in the spam folder. One variant features the following text:
Subject : Re: DHL Notification / DHL_AWB_0011179303/ ETD
REMINDER!!!
Dear Customer,
We attempted to deliver your item at 2:45 PM on Aug 13th, 2019. (Read enclosed file details)
The delivery attempt failed because nobody was present at the shipping address, so this notification has been automatically sent.If the parcel is not scheduled for re-delivery or picked up within 72 hours, it will be returned to the sender.
Label Number: (Read enclosed file details)
Class: Package Services
Service(s): (Read enclosed file details)
Status: e-Notification sentRead the enclosed file for details.
You can use folder explorer to open the folder if it doesn’t open by default.
DHL Customer Service.
2021 © DHL International GmbH. All rights reserved.
If you see the DHL Text Message 2019 then know that it is a scam trying to con you, so you should avoid it.
In February 2019 a new global DHL phishing scam was uncovered carrying the Muncy malware. Computer hackers are using a sender email address, which may be mistaken for coming in from DHL themselves — support[at]dhl[dot]com. It uses the subject line of “DHL SHIPMENT NOTIFICATION” in order to raise attention to its contents. it coerces the recipients into opening malicious attachments containing a script that downloads and executes the dangerous virus. This technique can be used with standalone virus files and infected documents, which can be of all popular types — spreadsheets, presentations, databases, and text documents. When they are opened, a prompt will appear, asking the users to enable the built-in macros to view the contents correctly — this will trigger the malicious payload.
The Muncy Trojan will immediately start to scan the infected machine in order to gather personal information that can reveal information both about the victims and their systems. The data can be categorized into two main types:
- Victim Information — This is data that can directly reveal the identity of the users by searching for strings such as a person’s name, address, interests, phone number and even any stored account credentials.
- Machine Identification — Important parameters can be harvested such as installed hardware parts, operating system data and user settings.
Following this, all acquired information will be transferred to the hacker operators via a secure network connection. This Trojan behavior also allows the operators to execute remote code, take over control of the compromised machines, and steal user files.
Older Fake DHL Text Messages
A new wave of DHL scams has been detected that appear as being sent by DHL. The legitimate DHL address is used to target many users at once. The phishing email scam’s goal is to coerce as many victims as possible into clicking on the link in the body contents. This will download an infected document (in most cases a Microsoft Word file), when opened, will request the users to enable the built-in scripts. This will trigger a Trojan infection. The current attack campaign has been configured to deliver the Remcos RAT. In 2019, the Remcos RAT v1.3.7 infections caused numerous infections around the world.
In October 2018, a new wave of DHL scams emerged, possibly being done by another criminal collective. The collected samples associated with it shows that it is not a large-scale attempt. This gives security experts reasons to believe that this may be a test campaign or a small-sized targeted attack. A classic scenario is used by sending email messages that are designed to appear like a legitimate DHL message notification. The following elements are an example of what the messages can include:
- Misleading Names — The hackers behind the phishing campaign can all use similar sounding domain names to the real DHL site, signature or domain name. In some cases the sent messages can include the recipient’s real name, personal details and etc. harvested through information gathering techniques or bought on the hacker underground forums.
- Graphics & Design — The criminals can hijack the graphics, layout and overall design from actual DHL messages. They can confuse the users into thinking that they have received a legitimate notification.
- Required Interaction — Many of the collected samples require the recipients to perform some kind of interaction. This is usually the point where malicious behavior can be observed.
The exact contents of the DHL phishing message is a delivery notification. The body contents read that the users have received a parcel, and they need to download a receipt that is to be given to the courier. A view document is attached, which will lead to malicious behavior. Depending on the individual hacker configuration, there can be several different outcomes.
This can lead to the download of infected malware payloads. In the case of DHL notifications, this is usually a document of any of the popular types: presentations, databases, spreadsheets, or text files. Whenever they are opened, a notification message will be shown, asking the users to enable the built-in scripts. If this is done, a virus infection will follow. In other cases, the virus file can be directly attached and launched.
August, 2018 marks the start for the spread of yet another DHL Phishing scam. The scam consists of a message which is delivered to your e-mail.
You can see it in the below screenshot taken from our Support e-mail Inbox:
The email is around 39 KB in size and its contents are the following:
DHL
Dear [recipient’s name is included here]
Your DhI express shipment with waybiII number 813347995 from WKDA it on its way and will require a signature
We got instruction from our client to contact you on the above subject. Below are your Shipping documents/Invoice and copy of DHL receipt for your tracking. Please confirm accordingly if your address is correct, before we submit to our outlet office for dispatch to your regional office.
View Your Shipping Documents/Invoice and Copy of DHL Receipt CLICK HERE:
Regards,
2018 © DHL International GmbH. All rights reserved.
DHL Corporate
Office. +1 (800) 321-8807 feel free
Visitingaddress: 180 Park Avenue,
Building 105 , PO Box 950, 07932 Florham Park, NJUHS of Delaware, Inc. Confidentiality Notice: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this information is prohibited, and may be punishable by law. If this was sent to you in error, please notify the sender by reply email and destroy all copies of the original message.
© 2018 DHL Express | Customer Service |
As you can see, the scam involves a link labeled “CLICK HERE” as well as a telephone number, which if you dial will probably have a cybercriminal on the other line. Not to mention that if you click the telephone number another number might be dialed.
Do not follow any instructions given in such a message. Make sure you are dealing with an official message from DHL and not a phishing scam.
In late March and the beginning of April 2018, another DHL phishing scam emerged. The scam tries to trick users that if they want to track their package, they need to enter their email address and password. This is how the phishing page looks:
As you can clearly see, the design looks really close to that of the original DHL website but it differs. The brand and logo are clearly cropped with some software and pasted on the page. The landing page feels cheap, but if somebody doesn’t look into these details and is expecting a package, might fall for the scam.
DHL Scams – How to Avoid Them in 2021?
In this section, you will find out how to differentiate between DHL Scams and messages from the official DHL brand, following a simple set of rules and guidelines. So, if you are reading this article, you should now know that there is a multitude of scams involving a DHL shipment or parcel notifications. Below you will see what you should research.
Refer to the following link that is of the official page for DHL Fraud Awareness and Prevention.
New scams and fraud attempts will be listed on those official pages under the country you are using the online services of DHL under the Fraud Awarness program which has a slightly different URL for different countries. For examples, for Serbia, the letters sr would be added at the back of the url, while the main address will remain.
As you now know about the existence of the scams and the official page of DHL Fraud Awareness, refer to the following guidelines on how to avoid most scams related to the shipping brand:
- Never pay before your goods get delivered
- Do not provide any details about you, your addresses or similar information via email or unknown Websites
- Do not open email attachments, as DHL does not send such, neither it requests users to open such
- Always use DHL.com to refer to pages in connection with the service
- Avoid messages with grammatical or typographical errors
- Avoid emails that are not addressed to you by name
- Avoid messages sent by a service you don’t expect to hear from
- Avoid messages that do not include a tracking number or specific details about your order or address
- Avoid clicking on links to provide your email address for verification
- Avoid payments to someone whose identity you can’t confirm
The guideline rules listed above were constructed by the SensorsTechForum team via research done on the matter. These rules are based on common sense and depending on the various scams related to DHL.
Some of these scams related to DHL can be removed by closing the message or browser. In case the scam pages continue to bother you even after that, then you probably have something else on your computer generating them.
How to Get Rid of DHL Scams Completely
All that is required to remove some scams is to ignore the message, never respond to it and delete it. Other scams require a bit of action, such as thoroughly scanning your computer machine with security software to determine whether you have some malware component that is pushing spoofed messages to your computer, browser, or email address.
We highly recommend that all computer users scan their system for active infections and malware using a security program. That could prevent many malicious actions and stop malware from distributing further.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
Tsetso Mihailov
Tsetso Mihailov is a tech-geek and loves everything that is tech-related, while observing the latest news surrounding technologies. He has worked in IT before, as a system administrator and a computer repair technician. Dealing with malware since his teens, he is determined to spread word about the latest threats revolving around computer security.
Follow Me:
- Guide 1: How to Remove DHL Phishing Scams from Windows.
- Guide 2: Get rid of DHL Phishing Scams on Mac OS X.
- Guide 3: Remove DHL Phishing Scams in Google Chrome.
- Guide 4: Erase DHL Phishing Scams from Mozilla Firefox.
- Guide 5: Uninstall DHL Phishing Scams from Microsoft Edge.
- Guide 6: Remove DHL Phishing Scams from Safari.
- Guide 7: Eliminate DHL Phishing Scams from Internet Explorer.
- Guide 8: Disable DHL Phishing Scams Push Notifications in Your Browsers.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
How to Remove DHL Phishing Scams from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove DHL Phishing Scams
Step 2: Uninstall DHL Phishing Scams and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:
Follow the instructions above and you will successfully uninstall most programs.
Step 3: Clean any registries, created by DHL Phishing Scams on your computer.
The usually targeted registries of Windows machines are the following:
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
You can access them by opening the Windows registry editor and deleting any values, created by DHL Phishing Scams there. This can happen by following the steps underneath:
1. Open the Run Window again, type "regedit" and click OK.
Tip: To find a virus-created value, you can right-click on it and click "Modify" to see which file it is set to run. If this is the virus file location, remove the value.
Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.
Step 4: Scan for DHL Phishing Scams with SpyHunter Anti-Malware Tool
Video Removal Guide for DHL Phishing Scams (Windows).
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Get rid of DHL Phishing Scams from Mac OS X.
Step 1: Uninstall DHL Phishing Scams and remove related files and objects
1.Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to DHL Phishing Scams. Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove DHL Phishing Scams via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
→ ~/Library/LaunchAgents
/Library/LaunchDaemons
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove DHL Phishing Scams files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as DHL Phishing Scams, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Video Removal Guide for DHL Phishing Scams (Mac)
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Remove DHL Phishing Scams from Google Chrome.
Step 1: Start Google Chrome and open the drop menu
Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"
Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.
Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Erase DHL Phishing Scams from Mozilla Firefox.
Step 1: Start Mozilla Firefox. Open the menu window:
Step 2: Select the "Add-ons" icon from the menu.
Step 3: Select the unwanted extension and click "Remove"
Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Uninstall DHL Phishing Scams from Microsoft Edge.
Step 1: Start Edge browser.
Step 2: Open the drop menu by clicking on the icon at the top right corner.
Step 3: From the drop menu select "Extensions".
Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.
Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Remove DHL Phishing Scams from Safari.
Step 1: Start the Safari app.
Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.
Step 3: From the menu, click on "Preferences".
Step 4: After that, select the 'Extensions' Tab.
Step 5: Click once on the extension you want to remove.
Step 6: Click 'Uninstall'.
A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the DHL Phishing Scams will be removed.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Eliminate DHL Phishing Scams from Internet Explorer.
Step 1: Start Internet Explorer.
Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'
Step 3: In the 'Manage Add-ons' window.
Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.
Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.
Remove Push Notifications caused by DHL Phishing Scams from Your Browsers.
Turn Off Push Notifications from Google Chrome
To disable any Push Notices from Google Chrome browser, please follow the steps below:
Step 1: Go to Settings in Chrome.
Step 2: In Settings, select “Advanced Settings”:
Step 3: Click “Content Settings”:
Step 4: Open “Notifications”:
Step 5: Click the three dots and choose Block, Edit or Remove options:
Remove Push Notifications on Firefox
Step 1: Go to Firefox Options.
Step 2: Go to “Settings”, type “notifications” in the search bar and click "Settings":
Step 3: Click “Remove” on any site you wish notifications gone and click “Save Changes”
Stop Push Notifications on Opera
Step 1: In Opera, press ALT+P to go to Settings.
Step 2: In Setting search, type “Content” to go to Content Settings.
Step 3: Open Notifications:
Step 4: Do the same as you did with Google Chrome (explained below):
Eliminate Push Notifications on Safari
Step 1: Open Safari Preferences.
Step 2: Choose the domain from where you like push pop-ups gone and change to "Deny" from "Allow".
DHL Phishing Scams-FAQ
What Is DHL Phishing Scams?
The DHL Phishing Scams threat is adware or browser redirect virus. It may slow your computer down significantly and display advertisements. The main idea is for your information to likely get stolen or more ads to appear on your device.
The creators of such unwanted apps work with pay-per-click schemes to get your computer to visit risky or different types of websites that may generate them funds. This is why they do not even care what types of websites show up on the ads. This makes their unwanted software indirectly risky for your OS.
What Are the Symptoms of DHL Phishing Scams?
There are several symptoms to look for when this particular threat and also unwanted apps in general are active:
Symptom #1: Your computer may become slow and have poor performance in general.
Symptom #2: You have toolbars, add-ons or extensions on your web browsers that you don't remember adding.
Symptom #3: You see all types of ads, like ad-supported search results, pop-ups and redirects to randomly appear.
Symptom #4: You see installed apps on your Mac running automatically and you do not remember installing them.
Symptom #5: You see suspicious processes running in your Task Manager.
If you see one or more of those symptoms, then security experts recommend that you check your computer for viruses.
What Types of Unwanted Programs Are There?
According to most malware researchers and cyber-security experts, the threats that can currently affect your Mac can be the following types:
- Rogue Antivirus programs.
- Adware.
- Browser hijackers.
- Clickers.
- Fake optimizers.
What to Do If I Have a "virus" like DHL Phishing Scams?
Do not panic! You can easily get rid of most adware or unwanted programs by firstly isolating them and then removing them from your browser and computer. One recommended way to do that is by using a reputable malware removal software that can take care of the removal automatically for you. There are many anti-malware apps out there that you can choose from. SpyHunter is one of the recommended anti-malware apps that can scan your computer for free and detect any viruses, tracking cookies and unwanted adware apps and eliminate them quickly. This saves time when compared to doing the removal manually.
How to Secure My Passwords and Other Data from DHL Phishing Scams?
With few simple actions. First and foremost, it is imperative that you follow these steps:
Step 1: Find a safe computer and connect it to another network, not the one that your Mac was infected in.
Step 2: Change all of your passwords, starting from your email passwords.
Step 3: Enable two-factor authentication for protection of your important accounts.
Step 4: Call your bank to change your credit card details (secret code, etc.) if you have saved your credit card for online shopping or have done online activities with your card.
Step 5: Make sure to call your ISP (Internet provider or carrier) and ask them to change your IP address.
Step 6: Change your Wi-Fi password.
Step 7: (Optional): Make sure to scan all of the devices connected to your network for viruses and repeat these steps for them if they are affected.
Step 8: Install anti-malware software with real-time protection on every device you have.
Step 9: Try not to download software from sites you know nothing about and stay away from low-reputation websites in general.
If you follow these recommendations, your network and all devices will become significantly more secure against any threats or information invasive software and be virus free and protected in the future too.
More tips you can find on our website, where you can also ask any questions and comment underneath the articles about your computer problems. We will try to respond as fast as possible.
How Does DHL Phishing Scams Work?
The DHL Phishing Scams threat is typically installed as part of another application that you may have downloaded from the internet. Unwanted apps are often disguised as helpful programs, such as browser add-ons or toolbars, but they can also be included in software downloads without your knowledge.
Threats such as DHL Phishing Scams can also be installed through malicious websites, email attachments, and other dubious sources. Once installed, DHL Phishing Scams can collect data about your web browsing habits, such as the websites you visit and the search terms you use. This data is then used to target you with ads or to sell your information to third parties. DHL Phishing Scams can also download other malicious software onto your computer, such as viruses and spyware, which can be used to steal your personal information.
Is DHL Phishing Scams Malware?
If you have noticed DHL Phishing Scams on your computer, you may be wondering if it is considered malware. The answer is yes, it is possible for an unwanted program to be classified as malware.
Many security experts classify potentially unwanted programs as malware. This is because of the unwanted effects that PUPs can cause, such as displaying intrusive ads and collecting user data without the user’s knowledge or consent. The best way to protect your computer from PUPs is to be careful when downloading software from the internet. Be sure to read the terms of service and privacy policies before downloading any software, and be wary of any suspicious download links or ads.
About the DHL Phishing Scams Research
The content we publish on SensorsTechForum.com, this DHL Phishing Scams how-to removal guide included, is the outcome of extensive research, hard work and our team’s devotion to help you remove the specific, adware-related problem, and restore your browser and computer system.
How did we conduct the research on DHL Phishing Scams?
Please note that our research is based on independent investigation. We are in contact with independent security researchers, thanks to which we receive daily updates on the latest malware, adware, and browser hijacker definitions.
Furthermore, the research behind the DHL Phishing Scams threat is backed with VirusTotal.
To better understand this online threat, please refer to the following articles which provide knowledgeable details.
References
1.Browser Redirect – What Is It?
2.Adware Is Malicious, and It Uses Advanced Techniques to Infect
3.The Thin Red Line Between Potentially Unwanted Programs and Malware
4.The Pay-Per-Install Affiliate Business – Making Millions out of Adware
5.Malicious Firefox Extensions Installed by 455,000 Users Blocked Updates
Another example
Dear customer,
Your Shipment has just arrived at our Regional Office and ready for delivery today, but we were unable to confirm your delivery address.
Please Download and print the attached receipt to duly complete the Identity check required for verification of your delivery address and forward to nearest DHL office.
Your shipment will be on hold Until the security check is completed.
Please endeavor to be as accurate as possible to reduce time of clearance and recipient confirmation.
NOTE: IF YOUR PACKAGE IS NOT DELIVERED OR PICKED UP WITHIN 48 HOURS, IT
WILL BE RETURNED TO THE SENDER. CONTACT US FOR FURTHER ASSISTANCE
Thank you for using our services.
Best regards,
Ellen Liu.
DHL Express Services
(c) 201-2019 DHL International
1 attachments (total 53.9 KB)
[1]
CONFIDENTIALITY NOTICE: This message is from DHL and may contain
confidential business information. It is intended solely for the use of
the individual to whom it is addressed. If you are not the intended
recipient please contact the sender and delete this message and any
attachment from your system. Unauthorized publication, use,
dissemination, forwarding, printing or copying of this E-Mail and its
attachments is strictly prohibited.
i’ve just been a victim of this.. and i think this malware is still doing its rounds as of this writing..
Hi Vanessa,
Can you provide more details on how the infection happened?
Espero una entrega pero los mails que me llegan no dicen ni el asunto ni hay membrete de DHL y no sé si es veridico
If the email does not state DHL or the official site of DHL it is fake. Even if the official website is used, there is also a chance that it is fake. If you ordered something, check the official DHL site for your delivery details and package, without clicking on any URLs from your email.
Hola. Quiero anunciar lo que me pasó. Estoy vendiendo algunos articulos de segunda mano en wallapop y me escribe una persona que ya no esta disponible su perfil en la app, diciendo que quiere comprar el articulo y hay que mandarle un correo electronico, después pregunta si acepto pago contrarrembolso atraves de DHL, aceptando darle el nombre , direccion y valor del artículo. Me manda un correo en seguida como si fuera de DHL diciendo que tengo que pagar 200€ en concepto de gastos de seguro por adelantado comprando en un estanco 2 codigos de neosurf de 100€ y enviar al correo fraudulento supuesto DhL falso los codigos para hacer el envio y que después me devolvería dicho importe de gastos de seguro. En el correo hay un enlace para pinchar para confirmar la direccion.
Nombre fraudulenta: angelique monnier
Correo:
A mi me ha pasado lo mismo yo vendia un bolso y una persona a nombre Choé Priscilla Tapin a través de wallapop contactó conmigo por mail,me izo darle los datos nombre, dirección y telefono. Quedamos que me pagaria el precio del bolso y 100€ aparte en concepto de un seguro, que yo tendria que pagar previamente comprando tarjetas NEOSURF en un estanco, libreria.. por valor de 100€ y enviar los codigos al mail de DHL que me enviaron. La suerte es que estas tarjetas no existen, llamé a DHL i me confirmaron el fraude. He enviado todos los correos a atención al cliente de DHL y lo están investigando.
el correo es
I just got a phishing text from “dhl” saying my package (Gb-6412-gh83) is available and waiting for me to set delivery preferences! I just ordered a whole bunch of stuff gym Wal-Mart so I’m afraid I’ve got a problem! First of all, is malware adaptable across multiple devices? Secondly, all of these prevention and correction steps are for a cpu…what about smartphones?
It looks like you definitely got one of these pesky DHL fake messages. Me and my colleagues haven’t seen the DHL related malware to adapt in such a way. If a device has it, that’s it. But malware is ever evolving so I cannot be completely sure.
For a smartphone, the infection is usually not that deep. If you clear browser cache and settings you should stop seeing the message. If that is not enough, maybe there is an application (an app) installed that keeps pushing the messages. Try to find any apps that seem weird to you and that are recently installed and remove them. Plus, there are free anti-virus programs for phones.
Good luck with the removal and keep us posted.
My husband got the exact same text with the exact same tracking code! DEFINITELY a scam!
Wanna share that I just received a text from “UPS” with the exact same tracking number (GB-6412-GH83). So if anything these “hackers” aren’t adept enough to change it up. I’m glad I googled it, because you can find others posting this exact tracking number online in other fake call/text websites as well. just want to add my comment so people know it’s not just a “DHL” scam.
Se pone en contacto una posible clienta a traves de wallapop.Me pide q contactemos por mail. El suyo, falso,supongo, es . Me dice que le interesa mucho el articulo y rápido.Esta dispuesta a pagarme casi el doble y que vendran a mi casa a buscarlo.Genial. Enseguida recibo un correo supuestamente de DHL con mis datos (me los ha pedido ella antes)y q hay un seguro de envio de 200 euros q ha pagado la Sra,y q yo tengo q ir al estanco a comprar 2 recargas de neosurf q me seran reembolsadas en el momento de venir a recoger el paquete …yo no entiendo nada.Y empieza el acoso por whatsapp, desde el numero 33 644 67 03 84.Insiste en que ella ya ha pagado y yo haga lo q me dicen “los de DHL”…
it still happening right now actually i got an email said,
DHL-Notfication
your package is found, the order has been block in terminal C82
sending from terminal C82
note : pls enter address and pay freight on next page
shipping with City-Express via DHL
TRACKPACKAGE :291HSU-DK
when i try to open on my desktop is invalid and i read it this forum is is true,
they asking your personal identity and your credit card to pay for shipment for the phone that I’ve won during their raffle. not just an ordinary phone its an Iphone 11as they said, im confuse thats why i opened and read this article luckily i did not try or put my info and credit card.
Goedendag,
Ik heb een sms gekregen van DHL dat een pakket bij het distributie centrum ligt maar niet wordt geleverd omdat er te weinig porto is betaalt o.i.d. Is dit ook een bekende oplichting tacktiek?
Vriendelijke groet,
S van Dijk
Just got one of these, tried to report it to DHL – what a joke! Their “Fraud Awareness” page has a “Phishing” link, which leads directly to a “Contact Us” page, which doesn’t give the option of reporting phishing…
I had the same experience. Thought DHL would care about fraud using their name. Instead, they sent me a reply telling me to report it to other organisations. Useless.
DHL Scam emails (in New Calendonia & Australia) asking for money to deliver package used this number: 00340434139185930097.
Beware of:
“nordparcelt” address – it’s a fake DHL site used to get your details/money & send malware.
“freshdesk.com” – the server used by the DHL scammer and many other scammers.
“serviplast” – the scammer’s websites
Fake sites & phoenix companies linked to the DHL scam in (NSW) Australia:
“Barloggio.net.au”, ‘jrt.net.au’ and “Ted Cullen” – fake dog breeder (phishing) sites that operate on dogzonline.com.au
“Infobahn”, ‘Connect Infobahn’ and ‘CIA Business Solutions’
“Bucan Holdings Pty Ltd’ (ABN 90003737040)
‘Bitcloud’
‘Adventurers Realm’
I got a text message that said I have a delivery from Hong Kong due on the 3rd of April. I didn’t click the link but I did google DHL and enter the tracking info and it showed me everything. is DHL even a real company? I didn’t order any thing. It seemed to let me change the shipping address as a guess user without typing my email. It sent me a verification text too.