The National Cybersecurity Institute of Spain (Incibe) has issued an alert of medium importance (level three out of five possible) after detecting a fraudulent campaign in which the identity of DHL is impersonated and the user is asked to pay to recover a package that has been returnedall with the aim of accessing the victims’ banking information.
In this scam, mass emails are sent to users and are falsely informed that a supposed package has been returned to the DH officeL.
To prevent the package from being returned to the sender, asks them to make a payment and provides them with a link in the email for it. By accessing the link, the victim is asked to enter personal and banking information through several forms that appear during the process, explains Incibe.
Specifically, the email informs of a notification of a DHL shipment, which has been returned to an office of the company itself, and indicates to the user that they must pay a shipping cost of 2.65 euros if you do not want your package to be returned to the sender.
“If you look at the sender’s address, it does not have any type of relationship with DHL. To give more credibility to the email, cybercriminals have included the company’s logo. In addition, in the link you can see a domain that pretends to be the legitimate DHL (www.dhl.com), although the ‘www.’ are missing. Likewise, when clicking on the link the page redirects to another domain that has nothing to do with the official one,” the entity details.
In the event that the user has received an email of this type and has not provided any data, Incibe recommends marking it as ‘spam’ and delete it from your inbox.
Instead, If the user has shared their banking or personal details through the fraudulent website, the victim must report the situation to their bank. to take appropriate measures, such as canceling the affected card.
Along these lines, Incibe also recommends that potential victims of this scam check the movements of their affected bank account in the coming months, so that, if they detect unauthorized charges, they can immediately report it to their entity.
It also urges you to collect all possible evidence, such as emails and screenshots of the process, and then contact the State Security Forces and Corps to deliver all the evidence.
#scam #empties #bank #accounts #clicking #email #impersonates #courier #company
