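Recently I have received many phishing emails with DHL-related content. The fake sites they link to are either phishing pages or malware pages. The content is roughly as follows: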
If the links are not working, please move message to “Inbox” folder.
DHL
PACK STATIONDHL Ship Shipment Notification
On April 26, 2013 a shipment label was printed for delivery.
The shipment number of this package is 54438663. To get additional info about this shipment use any of these options:
1) Click the following URL in your browser:
Get Shipment Info
2) Enter the shipment number on tracking page:
Tracking Page
For further assistance, please call DHL Customer Service.
For International Customer Service, please use official DHL site.
Disclaimer: This message was created by DHL Ship, a product of DHL, at the request
of the sender. No authentication of email address has been performed.
Deutsche Post DHL 2013 DHL International GmbH. All rights reserved.
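I later looked this up online and found that others have already analyzed it: the links lead to malware pages. The many emails link to a range of malware pages.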
The malware downloaded from the malware page, Detail.exe, has the MD5 f27b3b05b52bacdceb1abede13579d07. It looks like an Office document, and online virus scanners also recognize it:
https://www.virustotal.com/en/file/9cb859786b675ee21920a56754ca37a929e479702574ebaf60fa8ad380fd2474/analysis/1366640577/
So if you receive a message like this, don't go clicking on its links.