What makes this a Phishing message?
- The sender's email address, "office@korloycompany.ro", is suspicious:
- The top-level domain (.ro) is Romanian -- would you expect a legitimate company to email you about a U.S. shipment from an email address originating in Romania?
- The domain name itself (korloycompany.ro) has no connection to who the sender purports to be. DHL Express is a well-known shipping company and would not send email notifications from office@korloycompany.ro.
- Why would a DHL parcel arrive at the post office? That doesn't make sense.
- And why would you need to check the shipping documentation before the package is dispatched? That is very unusual.
This message is a ploy to trick the recipient into clicking on the links below, which then takes them to a webpage where malware is surreptitiously installed on their computer.
Original Message:
Subject: DHL EXPRESS DOCUMENT Dear xxx@berkeley.edu Label Number: E727D5151D Find attached the full statement information and a full list of outstanding Invoices. DHL_EXPRESS.pdf (34Kb)View|Download |