Friday, November 3, 2017

DHL Shipment Notification (Phishing)

Dear customers,

A package is coming your way through DHL Express, shipment is on transit and ready for tracking. You can request for tracking details .
Sender Account ending-> *****04291
For full tracking information please click here and follow the process.
Kindly keep the downloaded documents safe, we will need you to provide them
for confirmation before delivering your parcel.
For complaints or further support kindly contact our 24/7 support team .
With kind regards,
2017 © DHL International GmbH. All rights reserved.
DHL Worldwide Delivery ©

htytytytolop

Phishing screenshot :

Email analysis :

NOTE : pjatania@atulauto.co.in
NOTE : Received : from mail.atulauto.co.in ([27.54.160.78])


NOTE : Received : from atulauto.co.in (unknown [192.95.20.146])


NOTE : by mail.atulauto.co.in

Phishing analysis :

CLICK : click here
OPEN : http://workingin-visas.com.au/track/dhl/index.php?email=0
REDIRECT : http://workingin-visas.com.au/track/dhl/tracking.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=0
SCREENSHOT :

Wednesday, April 5, 2017

Enc:DHL delivery Cust. Ref: 539000135

dhllogo.gif

Dear *@*.*,

A Package is coming your way through DHL.
Kindly confirm if the address is correct and you can also track your Package till it gets to your doorstep.

Track Your Package

DHL Worldwide Delivery ©.

Email analysis :

NOTE : inbox@vaemail.ru
NOTE : Received : from vaemail.ru (vaemail.ru. [80.85.159.162])
NOTE : client-ip=80.85.159.162;

Phishing from 80.85.159.162

Phishing analysis :

CLICK : Track Your Package
OPEN : http://thedanbury.com/dhl/DHLAUTO/track/dhl.php?email=*
RESULT : Phishing was removed...

The phishing page now returns an error.

Monday, June 27, 2016

FW: Your Shipping Documents (DHL Phishing)

Shipping Documents Receiver's eMail: ***@***.com

Greetings,

As instructed by your shipper, we have attached below the secured PDF copies of your shipping documents and your shipment tracking details from our international logistic partner, DHL Epress.

Click Here To View Your Documents And Shipment Tracking Details : www.dhl.com/documents/0094325.pdf

At Co-Logistics we offer best Service Delivery Commitment with shipper & client.

*´¨)
¸.• ´¸.•*´¨) ¸.•*¨)
(¸.•´ (¸.•'* Best Regards
(¸.•'* .•*´¨)
Smith Wan *
(¸.•'*
Sales Excutive

Cooperate Logistics Co.,Ltd
************************

Head Office
Rm 2401-2502,Guidu Bld, Chungfeng Rd,
Luohu, Shenzhen, China
Phone: (86) 755 88863799
Email: info@co-logistics.com
URL: www.co-logistics.com
Image result for Carrier: DHL FedEx UPS TNT

Phishing analysis :

CLICK : www.dhl.com/documents/0094325.pdf
REDIRECT : http://namaren.com/jyg/DHL/tracking.php?userid=***@***.com

Email analysis :

NOTE : jbarba@morsco.com
NOTE : Mime-Version : 1.0
NOTE : X-Originating-Ip : [14.139.59.197]


NOTE : client-ip=157.56.111.70;

Monday, November 2, 2015

TR : Bill of Lading / AWB#5735574736 (DHL Phishing)

Dear Sir/Ma ,

Your document has arrived our office. please find the original shipping documents for reference. Also the AWB#5735574736 of the original documents sent to your office.

Kindly follow the instruction as attached for your tracking and shipping documents.

Thanks for your patronage.

DHL OFFICE

DHL-Sinotrans International Air Courier Ltd.
No. 18 Ronghua Nanlu,
BDA Beijing 100176
P.R.China
Telephone: +8610 87846000
Fax: +8610 67808799
E-mail: info@dhl.com
Website: www.dhl.com
Description: DHL Authorized Shipping Center®

shipping docs.htm

File analysis :

OPEN : shipping docs.htm
FILL : FORM
FORM : http://upcyclepolymers.com/images/pattern /ch/customer dhl/logon.php
REDIRECT : http://www.dhl.com.ng/en/express/tracking.html
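
Two lures recur in these samples: link text that displays a dhl.com address while the click lands on another host (the June 27, 2016 and April 24, 2015 posts), and an .htm attachment whose form submits to a remote logon.php (this post). The Python below is an added example, not part of the original analysis, that flags both in an HTML mail body or attachment; an absolute form action is reported because a locally opened attachment has no origin of its own. The `.example` hosts and the sample markup are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Visible text that itself looks like a host or URL, e.g. "www.dhl.com/documents/0094325.pdf"
URLISH = re.compile(r"^(?:https?://)?[a-z0-9-]+(?:\.[a-z0-9-]+)+(?:[/:?#]|$)", re.I)

def host_of(url):
    """Lower-cased host without a leading 'www.'; accepts scheme-less text."""
    host = (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

class LureScanner(HTMLParser):
    """Collects (kind, shown_text, target_host) findings from an HTML body or attachment."""
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
        elif tag == "form" and "://" in (a.get("action") or ""):
            self.findings.append(("form-posts-to", "", host_of(a["action"])))

    def handle_data(self, data):
        self._text.append(data)  # only read back while inside an <a>

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            shown, target = "".join(self._text).strip(), host_of(self._href)
            if URLISH.match(shown) and target and host_of(shown) != target:
                self.findings.append(("link-text-mismatch", shown, target))
            self._href = None

def scan(html):
    scanner = LureScanner()
    scanner.feed(html)
    return scanner.findings

# Constructed sample: hosts under .example are placeholders, not taken from the page.
SAMPLE = """
<a href="http://landing.example/DHL/tracking.php?userid=x">www.dhl.com/documents/0094325.pdf</a>
<a href="http://www.dhl.com/en/express/tracking.html">dhl.com/en/express/tracking.html</a>
<a href="http://landing.example/track">Track Your Package</a>
<form method="post" action="http://collector.example/logon.php"><input name="pw"></form>
"""

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Links whose visible text is a button label such as "Track Your Package" are not flagged by the mismatch rule, so the destination host still has to be reviewed separately for those.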

upcyclepolymers.com whois :

Domain Name: UPCYCLEPOLYMERS.COM
Registry Domain ID: 1757217314_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2012-11-05T16:11:26Z
Creation Date: 2012-11-05T16:11:26Z
Registrar Registration Expiration Date: 2017-11-05T16:11:26Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Registrant Name: Jason Lewis
Registrant Organization: Upcycle Polymers, LLC
Registrant Street: P.O. Box 793
Registrant City: Brighton
Registrant State/Province: Michigan
Registrant Postal Code: 48116
Registrant Country: United States
Registrant Phone: 248-875-8370
Registrant Email: jason@uniplasinc.com
Admin Name: Jason Lewis
Admin Organization: Upcycle Polymers, LLC
Admin Street: P.O. Box 793
Admin City: Brighton
Admin State/Province: Michigan
Admin Postal Code: 48116
Admin Country: United States
Admin Phone: 248-875-8370
Admin Email: jason@uniplasinc.com
Tech Name: Jason Lewis
Tech Organization: Upcycle Polymers, LLC
Tech Street: P.O. Box 793
Tech City: Brighton
Tech State/Province: Michigan
Tech Postal Code: 48116
Tech Country: United States
Tech Phone: 248-875-8370
Tech Email: jason@uniplasinc.com
Name Server: NS17.DOMAINCONTROL.COM
Name Server: NS18.DOMAINCONTROL.COM
DNSSEC: unsigned

Email analysis :

NOTE : chooseyourgift@BennettBrothers.com
NOTE : Primary Hostname - d5.seyjhnbg.org
NOTE : X-Remote : 89.34.26.103 (ip6.deliverybox7.batmail.in)


NOTE : X-Authenticated-Sender : d5.seyjhnbg.org: vitalot
NOTE : Received : from [154.118.17.68] (port=58905 helo=User)


NOTE : by d5.fodseynbg.org with esmtpa (Exim 4.86)

Thursday, June 11, 2015

DHL Phishing

From a recent comment on another DHL phishing post:

http://ninth.rit.se/html/cfg/wp-content/DHL_International/DHL_Tracking.htm


Analysis :

During analysis, I observed another phishing page :

NOTE : http://ninth.rit.se/html/cfg/wp-content/DHLGLOBALMAIL/DHL_Tracking.htm

rit.se whois :

state: active
domain: rit.se
holder: pinswe1201-00001
admin-c: -
tech-c: -
billing-c: -
created: 1996-05-21
modified: 2014-06-05
expires: 2015-12-31
transferred: 2013-01-15
nserver: ns3.pin.se
nserver: ns2.pin.se
nserver: ns1.pin.se
dnssec: unsigned delegation
status: ok
registrar: PIN Sweden AB

Wednesday, June 10, 2015

DHL Consignment Notification Arrival: AWB-CN10863274 (DHL Phishing)

DHL_logo
DHL Capability Tool
2.0.25 (Powered by DCT WS 4.1)

Dear ***@***

Your Parcel(s) listed below is scheduled for delivery tomorrow.

You have a DHL Parcel addressed to you.

You need to obtain your Tracking Number so as to check the status of the delivery.

Kindly open the attach to compelte the tracking process and also confirm your delivery address.

DHL WorldWide Delivery

(c) 2012-2015 DHL International

File analysis :

NOTE : DHL Tracking.htm
CONTENT : REDIRECT : http://bbveryyy.3eeweb.com/dh%20(1)/dh/verify.php

3eeweb.com details :

3eeweb.com is a free subdomain service. Its landing page reads:

Welcome to Free Hosting. This domain is a free hosting provider www.2freehosting.com subdomain. It is used for clients to host websites under this domain. For example client-website.3eeweb.com. Visit our home page for more details.

Email analysis :

NOTE : john@avdi.com.ph
NOTE : Received : from [46.183.222.63] (port=63595 helo=IP-222-63.dataclub.biz)


NOTE : by host2.webeasyas123.com with esmtpa (Exim 4.85)
NOTE : (envelope-from < john@avdi.com.ph >)

Friday, April 24, 2015

B/L SHIPPING DOCUMENTS (DHL Phishing)

DHL_logo
DHL Capability Tool
2.0.25 (Powered by DCT WS 4.1)

Dear ***@***

Your Parcel(s) listed below is scheduled for delivery tomorrow.

You have a DHL Parcel addressed to you.

You need to obtain your Tracking Number so as to check the status of the delivery.

Kindly complete the tracking process on our webpage link www.dhl.com/dl/tracking

and also confirm your delivery address .

DHL WorldWide Delivery

(c) 2012-2015 DHL International

Email analysis :

NOTE : eva@hiaphuat.com.sg
NOTE : X-Return-Path : prvs=1550eb6956=eva@hiaphuat.com.sg
NOTE : X-Mdav-Processed : mx.biz-era.net
NOTE : X-Mdremoteip : 37.203.214.183


NOTE : Received : from mmx.biz-era.net (mx.biz-era.net. [210.193.7.118])


Phishing analysis :

CLICK : www.dhl.com/dl/tracking
OPEN : http://telsolutionsperu.com/DHLSERVICE/DHL%20Express/DHL%20Express/DHL_EzyBill.htm?userid=*@*
SNAPSHOT :


CLICK : Track Now
REDIRECT : http://www.dhl.com/en/express/tracking.shtml

Monday, February 23, 2015

DHL Shipping document (DHL Phishing)

Dear Customer,

Here is your Shipping Document/Invoice and copy of DHL receipt for your tracking. Please kindly click on the (Check Your Package) button below to confirm accordingly if your address is correct, before we submit to our outlet office for dispatch to your destination.

Check Your Package

DHL Worldwide Delivery ©.

Email analysis :

NOTE : hslim@sinotranskorea.co.kr
NOTE : Received : from sendfilter01.ktweb.co.kr
NOTE : (sendfilter01.ktweb.co.kr. [222.122.141.96])
NOTE : Received : from [211.62.35.103] ([211.62.35.103])
NOTE : by sendfilter01.ktweb.co.kr
NOTE : Received-Spf : hslim@sinotranskorea.co.kr
NOTE : DHL Shipping document

Phishing analysis :

CLICK : http://bc.vc/Txgy8z
REDIRECT : http://northjerseylandscapingservice.com/wp-admin/maint/yes/new/dh/dhl.htm
SCREENSHOT :


VALIDATE : FORM
REDIRECT : http://northjerseylandscapingservice.com/wp-admin/maint/yes/new/dh/dhl2.htm
SCREENSHOT :


REDIRECT : http://www.dhl.com/en.html

northjerseylandscapingservice.com analysis :

Registrant Name: Stefano Montella
Registrant Organization: Montella, Inc.
Registrant Street: 5 Bell Street
Registrant City: Stanhope
Registrant State/Province: New Jersey
Registrant Postal Code: 07874
Registrant Country: United States
Registrant Phone: (973) 347-6266
Registrant Email: montellainc@optonline.net