A new phishing campaign has been discovered impersonating logistics giant DHL in an attempt to steal Microsoft 365 credentials from victims, experts say.
The email is made to look like it's coming from DHL: it uses the company's branding as well as a method of communication that one might associate with the shipping giant. In the e-mail titled "DHL Shipping Document/Invoice Confirmation", the recipient was informed that the buyer sent the package to the wrong address and that the correct delivery address must be provided.
The email apparently comes with an attachment, aptly named "Shipping Document, Invoice Confirmation" which, if opened, looks like a blurry preview of a Microsoft Excel file.
Microsoft's login page appears above the blurred document, trying to trick victims into thinking they need to sign in to their Microsoft 365 accounts to view the file's contents. If the victims provided their login credentials, they would go straight to the attackers.
The best way for companies to protect themselves from phishing attacks is to train their employees to spot red flags in their inboxes, such as the sender's email address, typos and spelling errors in the email, sense of urgency (legitimate emails are almost will never require the user to respond urgently) and unexpected links/attachments.
