What do DHL delivery scams and the Illuminati have in common? The answer is a bogus email address.
Brick-and-mortar DHL delivery scams are back in force. And so are, um… invitations to join the Illuminati.
A phishing campaign impersonating DHL has been making the rounds this week, according to researchers at Bitdefender Antispam Lab. Specifically, bogus delivery emails posing as notifications from the parcel delivery company have ended up in the inboxes of users from Ireland, the US and Germany.
While package delivery frauds are popular year-round, cybercriminals have been exploiting the ruse more often since the pandemic. As usual, the scammers stick to ‘traditional’ triggers and notify recipients that a courier was unable to deliver the package and that they need to access a link and select a new delivery date.
Below you can find an electronic translation of the German version of the DHL phishing message:
“We are sorry to report that the delivery of your DHL package failed. Our courier was unable to deliver the package as there was no receptionist available to receive the package.
In order to arrange a new delivery date, we ask you to inform us of the preferred delivery date. Please click on the link below and enter the new delivery date. We thank you for your support and are always available for further requests.”
When accessing the link, users are directed to a well-crafted copycat version of the official DHL website and asked to make a small payment of 1.85 euros for customs/taxes via credit card or crypto.
We urge all internet users to be highly suspicious of unsolicited correspondence mentioning any unexpected package deliveries. Always check for the sender's email addresses, look for typos and report phishing messages directly to the company. Do not click on links, download attachments or share personally identifiable info and credit card details.
Notify your bank if you do fall for it.
Not everyone gets invited to join the “Great Illuminati Organization,” am I right? This week, however, users from around the globe have received a once-in-a-lifetime invitation (via e-mail of course) to join an ultra-secretive organization of the rich and highly influential elites.
The recruiter, whom, for the sake of this expose will be named the ‘Grand Master,’ invites any ‘interested’ parties to become a member of the global elite with a powerful combination of perks including a brand new home anywhere in world, $50 million in your bank account and a brand new Mercedes Benz, as well as monthly payments of $50,000.
Now this is what we call a ‘where can I sign up’ kind of deal. Interested parties just need to reply to a Gmail account for details. Bitdefender researchers also spotted several versions of the Illuminati scam emails targeting users in the UK, US, Canada, Australia, Austria, Germany, Ireland, Sweden, Denmark and other European countries.
In one version, the scammer actually warns recipients that messages from the Illuminati recruiters could accidentally arrive in their spam/junk email folders. None of the Illuminati recruitment scam emails offer any particular instructions on how to become a member, except for replying to the specified email address (different in all versions).
While promises of a lavish lifestyle are tempting, we know better than to fall for a veiled advance fee swindle that exploits people’s vulnerabilities and aspirations to a better life.
Most likely, recipients who fall into the scammer’s trap will be given strict rules to follow and eventually duped into making payments to, allegedly, cover registration fees.
If you or a family member gets this or any similar message in your inbox, immediately delete it. Don’t feel tempted to reply, even though you know it’s a scam, as you’ll be showing the fraudster that your email address is valid.
Need more peace of mind when roaming the world wide web and interacting with unsolicited correspondence and online platforms?
Take a look at Bitdefender's all-in-one plans!
Our comprehensive security solutions help secure your identity and data by defending against malicious attacks, phishing and scam websites across the digital scape.