Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
With the holiday season fast approaching, the shipping of packages and gifts will reach a fever pitch over the next two months. This is the time when cyber criminals are looking to strike, not only stealing critical financial information, but looking for ways to steal personal information.
The Comodo Antispam Labs (CASL) team has identified a new global phishing threat, targeted specifically at the 2.5* million global businesses and consumers who use DHL shipping.
The fake DHL phishing emails are sent from ‘DHL Worldwide’ containing the subject line “DHL Shipping Delivery Tracking Number.’ Trying to represent colors and logos of DHL, the “fake DHL” phishing email is designed to capture logins and passwords to DHL accounts and package tracking information. The phishing email asks recipients to verify the tracking process for their impending packages, deliveries and shipments.
The Comodo Antispam Labs team identified the DHL phishing email through IP, domain, URL analysis, and image analysis.
“Through specific IP and URL analysis – as well as the Comodo Antispam Labs’ continuous monitoring and scanning of data from the users of Comodo’s Internet security systems, our team was able to identify this specific phishing email scam and alert the public to it,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs. “As a company, we work diligently in creating innovative technology solutions that stay a step ahead of the cyber criminals, and keep enterprises and IT environments safe.”
Image screen shots and more information on the DHL phishing scam can be found below.
The Comodo Antispam Labs team is made up of more than 35 IT security professionals, ethical hackers, computer scientists and engineers, all full time Comodo employees, analyzing and filtering spam, phishing and malware from across the globe. With offices in the US, Turkey, Ukraine, the Philippines and India, the CASL team analyzes more than 1,000,000 potential pieces of phishing, spam or other malicious/unwanted emails per day, using the insights and findings to secure and protect its current customer base and the at-large public, enterprise and Internet community.
If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact the security consultants at the Comodo Antispam Labs: https://enterprise.comodo.com/contact-us.php
*data pulled from DHL web site; the facts and figures sectionhttp://www.dhl.com/en/about_us/company_portrait/our_organization.html
Phishing Email and ScreengrabsIn the email screen grab below, the recipient of the email is to verify tracking numbers of a DHL shipment, and encouraged to log into the site www.DHL.com/tracking.
Although the email appears to be from “DHL Worldwide,” the recipient needs to be aware that the actual email address itself is not a DHL email.
From: DHL WORLDWIDE <dalida.elali@werrtonholdings.com.au>Subject: DHL Shipment Delivery Tracking Number
When the potential phishing victim clicks on the DHL.com/tracking link in the email (above), it takes the user to a new landing page – also trying to represent DHL (below) . In just one click, the cyber thieves are now trying to steal password and log in information. After the phishing victim simply verifies their email address and enters the password, a page opens with the text appearing “Your email has been updated” – making the victim feel as if all was an authentic transaction. In actuality, the log in and password have now been sent to the cyber criminals and they can immediately begin using that to access account and data information, or selling that information on the black market.
NOTE FROM COMODO ANTISPAM LABS: because this was an actual intercepted email, the actual email address it was sent to has been removed to protect the original recipient and has been replaced in this screen shot to “thisis@fakeemail.com”For the System IT Administrators who think their IT may be susceptible to the fake DHL phishing email, the address, malicious URL, domain and IP address to be aware of is below.
The domain that the phishing site is hosted on is conceptsolutionind.com
The IP address is 192.185.56.51 which resides in United States, in Texas
Registrant Country: India
The From domain is werrtonholdings.com.au
The mail is sent from IP: 216.151.170.2 and it belongs to:
Shared-hosting.webminders.com which is a hosting site and not a private IP
Tags: DHL Phishing
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP