Scammers’ delivery service: exclusively dangerous

Table of Contents

Well-known companies and brands are favorite targets for fraudsters. After all, it is much easier to get people’s attention with the use of a popular name, so scammers have more chance of trapping a gullible user.

In this article, we will analyze phishing and malicious emails sent by fraudsters that claim to come from international delivery services. The most popular of these are DHL (Germany), FedEx and United Parcel Service (USA), TNT (Netherlands). All of these companies are international, with millions of customers using branches in major countries all over the world. They provide similar services, so scammers use the same methods and techniques in their fraudulent mails.

The phishers’ goals include:

  1. Theft of confidential data (bank card credentials, logins and passwords from personal accounts), mainly with the help of fake web pages imitating official pages of the site. In a phishing attack users provides the fraudsters with their personal data by filling the fields on fake sites or sending them via email.
  2. Installing various malicious programs on users’ computers. These programs are used not only to monitor user online activity and steal personal information, but also to organize botnets to distribute spam and launch DDoS attacks.

Headings of fraudulent emails

The From field

Structurally, the  address in the From field looks like this: Sender Name . To confuse recipients, scammers can change parts of the address and often make it look very similar to an official address of the delivery service.

There are several groups of email addresses seen in fraudulent emails:

  1. Email addresses which closely resemble companies’ legitimate public addresses. Generally, they use the name of the company (DHL INC, TNT COURIER SERVICE, Fedex, etc.) as the sender name. The name of the mailbox often includes the words info, service, noreply, mail, support which are typical of email addresses used to send official notifications. The server domain name often has a real or very plausible company domain.
  2. FraudShipment_1

  3. Addresses which do not resemble legitimate company addresses. The sender name still reflects the company name (FedEx, DHL Service, but the domain name usually belongs to a free email service or an absolutely different company. The email address could be taken from a real user (taken from public sources or hacked mailboxes) or automatically generated addresses. The latter usually appear as a random sequence of letters, words and numbers.
  4. FraudShipment_2

  5. Addresses that resemble e-mail addresses of company employees. The sender name may contain the name and surname of a supposed employee, or the company name, or a position (courier, manager, etc). The name of the email box usually contains the same name and surname as the sender name because any difference in the data may alert the recipient to a fraudulent email. Either the real company domain or other domains not related to delivery companies might be used as a domain name.
  6. FraudShipment_3

  7. Addresses which only indicate the sender’s address without a name.
  8. FraudShipment_4

While analyzing sender address, remember that scammers do not need to hack the company servers to use the real company domain in the From field. They can simply insert the necessary domain name of the server into the From field.

The Subject field

The subject of the fraudulent mail should capture the imagination of recipients and encourage them to open the message, but it also needs to be plausible. Therefore spammers choose common phrases typical of official notifications from delivery services. After sending a parcel or a document, customers worry about its successful delivery and try to follow its progress by reading any notification from a delivery service.

The most popular subjects are:

  1.  Subjects related to the delivery/shipment (shipment notifications, delivery status, shipping confirmation, shipment documents, delivery information, etc.).
  2. Examples:


  3. Subjects related to tracking shipments, order information and invoices (the tracking number of the shipment, tracking the shipment, etc.).
  4. Examples:


  5. Subjects related to notifications about messages and accounts (creation and confirmation of accounts, new messages, etc.).
  6. FraudShipment_7

The design of the email

Scammers pay special attention to the design of the email. Their main goal is to make message as believable as possible. After all, if it looks suspicious, a potential victim will most likely delete it despite the attractive subject and plausible sender address. Let’s analyze the basic techniques that fraudsters use to make emails look legitimate.

Graphic design

All major international companies have their own corporate style, including wordmarks, graphic trademarks, corporate fonts, slogans and color schemes. These are used on the official website, in mailings and commercials, and in other design components. Scammers use at least some of these elements when designing fraudulent emails to make them look convincing. Usually phishers focus on logos because these elements are unique to each company and is an immediate identifying mark.

Examples of DHL company logos used in fraudulent emails.


Let’s take a closer look at these examples. It’s immediately obvious that the second example is very different from the company’s official logo. Another sign of a forgery is the difference in size between the false logo and the original, as seen in the fourth example where the logo takes almost a third of the message. Here the plan is probably to attract the reader’s attention with a large bright picture rather than plain text. That also explains why the phishing links appear in a larger font: users should respond to it immediately, without trying to read the small print.

In the first example, the scammers are trying to copy the design from the official site (a very popular method). However the logo is placed on the right-hand side rather than on the left. Also they are using a color blend for the logo background rather than making it single-color. The logo in the third example most closely imitates the original DHL logo: the scammers have tried to match its size and design. It’s not really all that difficult to make a logo for a fake notification: there are plenty of versions of the original image available online in several formats, including vector graphics. In addition to the logo the fraudsters use the color spectrum chosen by the company in its official resources and mailings. For example, for DHL it is a combination of yellow and red.

The text design

In most official emails we find a number of set phrases, especially when it comes to standard notifications generated and sent automatically. These messages often include contacts and links to the official resources of the sender. Therefore, to make the text of the fake email look like an original notification from a delivery service the fraudsters use:

  1. Standard phrases typical of official mass mailings: Please do not reply to this email, This is automatically generated email, please do not reply, All rights reserved, Diese Versendung ist automatisch, Bitte beantworten Sie diese nicht, This communication contains proprietary information and may be confidential. Questo e’ un email automatico, Si prega di non rispondere, etc.
  2. FraudShipment_9

  3. Links to the official page of the company. Not all links contained in the fraudulent email are phishing – spammers may also use the links which really lead to the official resources on order to make their emails look legitimate and bypass spam filtering.
  4. FraudShipment_10

  5. Contact for feedback. The fraudsters often indicate the contact information of the sender or the company (name, surname, position, office address). These contacts might be real or fictitious.
  6. FraudShipment_11

The content of the email

When fraudsters send out fake emails convincing readers that it is a real message is only part of the battle. The next step is to persuade the potential victim to do what the scammer requires, such as providing personal information or installing a malicious file. This is where psychology comes into play, and the email content is the main tool.

In fraudulent notifications allegedly sent on behalf of delivery services often use the following tricks:

  1. Notifications of various problems (eg. unsuccessful delivery, lack of information, wrong address, no recipient at the delivery address). These phrases are usually related to the delivery since the companies in question are in the service sector. Therefore, a logistics company warning of a problem with a delivery doesn’t prompt any suspicion, especially if the email contains some details of the situation.
  2. FraudShipment_12

  3. A demand to do something or face some consequence. For example, “collect your parcel within 5 days otherwise it will be returned to the sender”.
  4. The scammers use deadlines like this to make recipients react immediately. The phishers hope that users will be so worried about losing the parcel or paying extra costs that they won’t hesitate to provide personal details or open a suspicious attachment.


  5. Phrases about the content of an attachment or link (invoices, detailed information, documents).
  6. Users are unlikely to open unknown attachments or follow unknown links. That’s why scammers imitate official websites and present malware as a document with information a parcel. In addition, if the text of the notification states that the attachment contains, for example, a consignment document, the malicious archive will have a similar name, such as “” This applies to phishing links as well – scammers name their links with an appropriate phrase from the text, such as “shipping information”.

    This simple trick is intended to reassure recipients that the attachment or link is perfectly legitimate.


  7. Phrases about the need to do something (follow a link, open an attachment, print out a file, etc.).
  8. Assuming the fraudsters have convinced the recipients that the email is real, the next step is to tell the victims how to solve their problems. Fulfilling these instructions is the ultimate goal of the fraudulent email. Here it is important for the scammers not just to tell recipients what they need to do, but to make them understand correctly what is written in the message. To avoid any misunderstanding on the part of the recipients, messages often contains detailed instructions about what to do.


How the text might change

Cheating the user is not the only thing scammers have to do. They also need to bypass spam filters and deliver the email to the email boxes of potential victims. One of the most popular and long-used methods to bypass filtering is to change text fragments within the email. Modern programs designed to send out spam messages include ample opportunities to generate multiple changes in the text. The text of a message which varies from email to email makes the email unique, while different personal information specified within one mailing (such as the number of the shipment, the form of the address, the dates) helps to convince recipients that the email is intended for them. In addition, the fraudsters can send out emails designed in the same style for several months – they only need to change some elements in the text.

Fraudulent notifications from delivery services can change:

  1. The information about the order/shipment, including the tracking number of the shipment, delivery dates, etc.)
  2. Contact details, sender names and company names. Some mass mailings provide an e-mail address or a phone number of a company representative for feedback. This particular data changes from email to email. In addition, names of company representatives and even company names themselves may also vary.
  3. The name of the attachment. It mainly refers to malicious attachments which names vary in messages within one mass mailing while these different names hide one and the same malicious program.
  4. Links. In phishing emails and emails with malicious attachments scammers often specifically change the addresses of the links, masking them with the help of different URL shorteners. Most of these links are quickly blocked by current antivirus programs.
  5. Phrases indicating numbers and dates. These can refer to timetables (days, hours), sums of money and dates (day and month)
  6. The greeting. Here spammers generally use the email address and/or the name of the recipient. Sometimes they use generic expressions (Dear client, Dear customer, etc.) instead.
  7. Other text fragments. Some words are replaced with other phrases that have a similar meaning so the general sense of the sentence remains unchanged.

Let’s analyze some examples of changes in the text of fraudulent emails.


Below are some emails from yet another mass mailing.


Fake pages

To steal personal information from users, scammers create phishing HTML pages which partially or completely copy the official website of a company. If victims of fraud enters their personal information (bank details, usernames and passwords) on this page, that data immediately falls into the fraudsters’ hands.

To mask the links leading to phishing websites the fraudsters often use popular free URL shorteners. In addition, most services offer customers the ability to view the statistics on the short link which tells fraudsters more about the number of clicks on any links etc. Phishing pages can be located on specially registered domains which usually have a short life span as well as on compromised domains whose owner may not even be aware that the web site is being used for fraudulent purposes.

Let’s analyze a fake email sent on behalf of FedEx in which recipients are asked to update their account information. The text of the email contains a link to the official website of the company while the real address to which the user is redirected is nothing like the legitimate page and is located on a free URL shortener service. This becomes obvious when you hover on the link.


After clicking the link, users get to a fraudulent page imitating the official website of FedEx, where they are asked to enter their logins and passwords to access their accounts. Once the users fill in the fields and click “Login”, the entered information is transmitted to the scammers who can then access the victims’ personal accounts. The menu tabs and other links on the phishing page are often inactive, so clicking on them will not take users to the appropriate page. However, in some cases, phishers imitate all links on the page so that users do not have any doubt about its legitimacy. Sometimes the design of the page imitates the official site but does not copy it completely. If you have a closer look at the details, you will see some differences between the designs of the real and the fake pages. However, most users do not pay attention to small details and this carelessness helps the scammers to steal personal information.


Below is yet another example of an email sent on behalf of FedEx. This time it contains a malicious link.  The email informs recipients that delivery is impossible because of missing information. And now users have to follow the specified link for verification.


The link leads to a fraudulent page where potential victims are invited to download a program that will supposedly check whether they are really going to receive a parcel. Naturally, the program turns to be the well-known Zeus Trojan, which helps the fraudsters to access the computer and all the personal information on it.


Scammers might not only include a phishing link in the body of the email, but also attach an HTML phishing page designed to steal personal data. However this use of HTML attachments as phishing pages is unusual for fraudulent mailings sent on behalf of delivery services.

Fraudulent emails in different languages

To increase the audience of recipients and customers, spammers are mastering new languages. In addition to traditional English and German, current spam traffic includes emails in Hebrew, Albanian and other languages​​ which were found in advertising and fraudulent mailings a few years ago. For example, you may come across fake notifications from international delivery services written in Italian and Dutch. These emails do not have any special features that distinguish them from English- or German-language messages – to cheat users, the fraudsters resort to the same tricks.

For example, this Italian-language fake notification from FedEx tells users to confirm their identity by following a fraudulent link.


Yet another mass mailing in Italian contained a malicious archive which included the Zeus/Zbot Trojan used to steal personal data. The fraudulent email claimed that the user profiles on the website had been updated and there was more detailed information about it in the archive.


Another fake notification written in Dutch on behalf of TNT informs recipients that new accounts have been formed for them, with details in the attachment. The archive attached to the email contains Backdoor.Win32.Andromeda, a malicious file that allows the scammers to control the infected computer without the user knowing.


Malware in fraudulent emails

Spam is one of the most popular ways of spreading malware and infecting computers on the Internet. Attackers have various tricks to make victims install malicious software on their computers. Email traffic includes a variety of private emails, such as wedding invitations, dating offers and other similar messages. However, fake notifications from well-known companies and brands providing different services remain the most popular cybercriminal trick. International delivery services are also used by spammers as a cover for malicious spam.

Malware spread in fake notifications from delivery services is divided into:

  1. Trojan programs developed to perform unauthorized operations in order to delete, block, modify or copy data, to disrupt computer or network performance. Trojans distributed in spam include Backdoors, Trojan-Downloaders, Trojan-Proxies, Trojan-PSWs, Trojan-Spies, Trojan-Bankers and others
  2. Worms, malicious programs capable of unauthorized self-proliferation on computers or computer networks. Those copies go on to spread themselves further.

What is dangerous about malicious programs?

  1. They can steal usernames and passwords from users’ accounts, as well as financial or other information sought by the attackers.
  2. They can create botnets for distributing spam, DDoS attacks and other criminal activity
  3. They can provide fraudsters with control over victim computers, including the ability to run, delete or install any files or programs.

Current malicious programs integrate broad-ranging fraudulent functionality. In addition, some malicious programs can download other malware, providing additional opportunities. These might include stealing usernames and passwords entered in the browser or seizing remote control over the whole computer.

Malicious objects in fraudulent notifications can be embedded directly in the email or downloaded from a link provided in the body of the message. The most dangerous thing about it is that malware can be run and installed without users being aware or installing any software themselves. Typically, malicious ZIP (less often RAR) files enclosed in fraudulent emails have an executable .exe extension.

How to recognize phishing emails

Below are a number of features that can help to identify a fraudulent email.

  1. The sender address. If the sender address includes a random sequence of letters, words or numbers, or the domain has no connection with the official address of the company, the emails should undoubtedly be considered fraudulent and deleted without opening.
  2. Grammar and spelling mistakes. Wrong word order, incorrect punctuation, grammar and spelling mistakes can also be a sign of a fraudulent mailing.
  3. Graphic design. Scammers are doing their best to make the email look very similar to the original. To this ends they are trying to imitate other companies’ corporate styles using some of their elements such as color schemes and logos. Inaccuracies and noticeable design errors are among the signs of a fake email.
  4. The content of the email. If the recipient of the email is asked under various pretexts to urgently provide or confirm personal information, download a file or a link – especially while being threatened with sanctions for not doing so – the email may well be fraudulent.
  5. Links with different addresses. If the address of the link specified in the body of the email and address of the actual link to which you are redirected do not match, you are definitely looking at a fraudulent email. If you are viewing your email from the browser, the actual link can be usually seen in the bottom left of the browser window. If you use an email client, the actual link can be displayed in a popup window if you hover the cursor over the link in the text. Fraudulent links can also be attached to a text phrase in the email.
  6. Attached archives. Generally, ZIP and RAR archives are used by cybercriminals to hide malicious executable EXE-files. Therefore, you should not open these archives or run the attached files.
  7. Lack of contacts for feedback. Legitimate emails always provide contact information for feedback – either the company or the sender’s personal contacts.
  8. Form of address. Fraudulent emails do not necessarily use the first name or the surname to address the recipient; sometimes a universal form of address (“client”, etc.) is used.

Scammers’ delivery service: exclusively dangerous


Your email address will not be published. Required fields are marked *



  1. Earl Hamper

    I got a FedEx shipment notice and ask me to click on shipment notice I did but nothing happened something was blocking it. I could not print it out. It did not ask me for any personal information. Am I safe or do I have to do anything or have my computer check. I have Kaspersky security. I am 80 years old.

    1. Gabriel

      Anybody heard of Deliverex? Are they legitimate, or NO?

  2. Pamela Woodard

    Keep getting email from ups courier service asking for my banking. How and where can I report them?

  3. April

    Very informative and precise information. This will help a lot of people from scammers that are all over the place. With the technology today, we all should be getting services from reliable and trusted delivery service organizations.

  4. Phylliss

    What about courier service that asks for money before delivery of a package from a forgein country?

  5. Virginia

    My fiance got a message in messenger from his friends account. They are offering you to apply for a government organization that gives grant money. Then they approve you but ask for money to be sent ahead of time to receive a package that contains cash. I reported them to DHL and to Facebook.

  6. Lerato Lekgowe

    I’ve got a message that said I must go to eazylinkcourier to get my parcel but when I went there they wanted me to pay 2200 usd which is almost 33 000 zar into an account of Mormah Eminem Collins to get my parcel

  7. Sophie

    My fiancé send me a documents package includes check and gold according to him delivery trust company can send packages to my place. Then after he send the delivery trust company send me message including the tracking no.(#)the first track is in Bamako Mali then Rome or Germany I cannot remembered. The last tracking was in north Korea infection then then was on hold in North Korea! US is not diplomatic in north Korea asking me money for taxation in North Korea $6,500! What do you think about this!? Need help to get to know if is scam!?

    1. NYCTim

      Of course it’s a scam. Have you actually met your “fiance”? You need to dump him.

  8. Christopher Cates

    i was just trying to get information about a company called Global Link Delivery Service. Trying to see if anyone ever did business with them before.

  9. sue

    I had a man contact me on instagram 2 months ago about a box he wanted me to hav e deliverd to my home. He said it was coming bydiplomatic courier thru Sky Express. And that money had to be paid for the airbill and the certificate of origin in Germany via western union. I had pictures of everything and was convinced it was legit. The emails from Sky looked legit too. What do you think?

    1. Kate Rudy

      I have had three separate men pull the same scam on me and have turned them in. You will just lose your money. It is a scam.

    2. July

      Same here the man said that he will send the box by Guaranteed Express. But company asked me to pay 3000 euro for shippin to some person in Bulgary in other case they will open the box. It’s just insane.

  10. Daye Trabasas

    Recieved a letter from LFLS a logistic cargo company from china that the shipment from china bound to japan is now being held at dubai custom for tax declaration.and I had to send them money to process tax declarations to be able for the shipment to be this legal?

    1. William Moore

      This doesnt sound legit. I also received an email from another company asking the same thing. That taxes had to be paid before they will deliver.

  11. Zaideth

    Was his name James Black?

  12. Barb Stonestand

    Is kf direct a legitimate delivery service ?

  13. Rihanna

    I am at this point now. I paid and yet I have not received the package and the numbers cannot be reached

  14. William Moore

    I received an email from a supposed company called Integrated Parcel Service. Said I had a package but needed to pay the taxes on it. An exurbanant amount. I just have fun emailing them back and toying with them as they are clearly not legit.

  15. Veggie

    Can anyone tell me if skylimit logistics is a legit company? We have a package send to us but they are demanding a fee of $20000 AUD. When we search the company we can’t find any information about the company.

  16. Prity

    i was also contacted by a man using Lucas on Instagram he said he bought me some gifts laptop and a phone and few things so he said i i must pay duty of $1200usd to Kenya and i refused then i got a call from Kenya to pay the money on Western Union and i refused it something that is happening now as i am speaking i refused to pay the money and i told the guy to pay it himself

  17. Sandrille

    My boyfriend was planning to visit me then he will send first his luggage because he was in a mission but about to end. Then he told me told i need to pay first the $250 before recieving his luggage. He also send me some many proof that his luggage was on process already but its kinda weird because why i need to give money first. Anyone could answer me if this is scam?

  18. Rosalyn salazar

    Is oversea express courier legit?

  19. Damaris kimani

    I wish I would have come across this before. A week ago a white man friend requested me on IG by the name (@jacksmart000)we began having conversation and later he asked for my number he later chatted me on whatsapp with a UK NUMBER WITH THE CODE(+44). Thinking that I was the luckiest woman on earth finding a white man I hadn’t seen it all untill this guy after a long chat of knowing each other he just told me he is heading to a supermarket what should he get me? He asked, and so I answered anything nice he will get. So he told me to send him my address and full names so I did,he then told me he will send the parcel immediately and I’ll receive it the next day cause he was going to use DELTA CARGO COURIE COMPANY. The next day came and I received a call in the morning by a guy who claimed to be working in the office so he demanded 20,000ksh for delivery and custom fee, so I did my best and sent the money then after some minutes he called again and asked me to send another 15,000ksh cause he released their is money in that parcel which is illegal to be sent through as part of the parcel. Mind you this mzungu guy after going to supermarket he sent me a list of what he had bought me it was as follows :

    A gold jewelry
    Diamond necklace
    I Phone
    Hand bags
    Rolex watch
    A ring
    And an envelope of (30,000pounds)which in kenyan money is almost 4 million. I was a happy person on earth not having any doubt. So the guy from the office told me that their is alot of money here you are supposed to send another 15,000 as a government mandate to allow this money to be delivered to. I started hustling seriously until when I approached lots of people about it and told me their is nothing like that, and that it was a scum it was still hard for me to believe. But now as we were communicating with this “mzungu” and telling him the office is demanding money from he kept on insisting that I should just send them for the parcel to be released cause it has lots of expensive goods,of which he was very convisable. Only after realizing this office guy was a scum because he started becoming so rude cause I was not sending the 15k.On the other hand the mzungu was insightful now and then that I should send the money. So this morning he asked me if the office called me I decided to lie by telling him no cause I had already started sensing that something is wrong. After some minutes he got back and told me but the office is just telling me that they have called you. I became a little bit bitter by digging in asking him questions and when he found out am now on the lime light he ended up blocking me. BE ALERT AND AWARE OF THIS BUSTARDS GUYS. IT WAS A GOOD LESSON LEARNT IN A HARD WAY AND THEY ARE MOSTLY USING LADIES!!

    1. K

      Thanks a lot that you have shared this story!
      I have almost the same story. Handsome man with UK phone nr, almost the same e-mail address with …
      Just I got an e-mail from Zippy Courier Express (not an existing company) that I need to pay 1200 USD fee + container clean up. This is where things started to get suspicious and I stated to search on web and findr you comment + this page:
      Don’t pay anything to them and please don’t trust in this “handsome” man.

    2. Besashiele

      Oh my!! We have the same experience. A Thai guy chatted on me, so we confabulate a lot and on the next day, he asked me to give my line number or whatsApp number. According to him he wanted to have a private conversation. He also promised to call me using WhatsApp. After our long conversation, he asked me about what cellphone I’m using, and anything I want. He wanted to buy and shopped for me. he sent me videos and pictures. After that, he also told me everything that he already sent it to the company; then asked my address, and told me that there is money inside the package, too. So, I gave him my real name, address. I was so sincere on responding on his chats. However, there were doubts on my mind and i started to ask him because he told me to prepare 15,000 pesos. borrow and when my package has been delivered I have to go to the bank convert the money and pay my debt. Now, I told him it should never be like that. He suddenly got mad. he sent a picture of receipt. I keenly looked at the details, and I realized different name were indicated on the receipt. On the next morning, This company, called me. They wanted me to pay, of course I argued and report it to my Thai boyfriend. I was puzzled with his reaction. He was not panic nor worried about his package. I still keep on chatting with him, and response as is I truly believe it. … I sent him a lot of message but till now, he didn’t make any responses..

  20. Chris

    Hey can you tell me what happened after this? I dated a man online and we video chatted seems legit. Falling for him. And he said he needed to send me some of his belongings before his send off mission. But this suspicious company is emailing me to pay and send 1,350USD to had this packaged be shipped. Please advise.

    1. Anonymous sender

      I had the same stories. I have chatted someone and he said he will send all his valuables including gifts for me. He sent a tracking code to check the shipping thru a courier company website. Seems so real. Then after I received an email from the company that the items is now enroute. Then after they will send again another email that the item has arrived. They they said that inorder the item to be delivered I need to pay the custom charges and clearance fee amount of $1120. It is a scam coz they ask to send it thru an account number which I think belongs to a personal account and not a company owned. It is a scam! BEWARE!!!!!!

  21. Lyn

    Please help, United Nation Express Delivery Legit or not?

  22. Azucena Garcia

    Has anyone heard of Quick Xpress Logistics asking for an amount for taxation to release package ?

  23. ghied

    i was been scammed 2 couriers namely non stop courier and paciwest international collecting money but no parcel delivered. so be aware of this couriers

  24. Stephen Vincent petersen

    I got a call from wordlwidecourier service saying that I have a parcel and it has 30 000 pounds in and I have to pay for customs to clear it 1850 and pay for the money 4790 and again to put the money in my account to pay 6150 I was so blind I paid the amounts but still waiting there response its just a big scam

  25. Cheef

    Is American Parcel Express legit


    Is anyone familiar with Parcel Mind Courier Service? Are they legit?

  27. gem

    These scammers usually used the background of uniformed guys. Please be cautious these are scammers.

  28. Erlina

    Dear all, if anyone call you to pay the courier.cost in advance then DON’T do it. Just inform them that you will pay in their warehouse facilities. As all number one courier shipment service like DHL,FEDEX, UPS, etc…having Warehouse facility in each country and pay it direct to cashier in their office or warehouse facilities. As your if receiver refuse to pay the package return to sender.

  29. Sofie

    Can you please verify if Stanbic Courier Express is a legit courier company?

  30. Johannamy Sombrio

    I receive an email from ASL saying that my luggage has arive in general santos airport philippines…but it was hold because there is a money inside…i need to pay 1050 dollars with in 48 me name and nank account to where i should pay…i was tracking the number sent but i could not find it….is this a scam?

  31. Mildred Polino

    Is First Trust Logistics courier Services legit?….
    Their address is even wrong….

  32. Gee C

    Anyone heard of Maximum Class Express Service as a legit courier in Malaysia?

    1. Annur

      hey Gee C
      is Maximum Class Express Service really legit? have you got your parcel?

    2. Laltlanthanga

      This is fraud.

  33. Cynthia McGuire

    Is Global Eagle Courier a legit company?

  34. danny blackwell

    Has anyone heard of this company? Globalsecuresafedeliveries…. I cannot find any record of them…

  35. Adeline A Koch

    Received text message from express gold courier asking to contact them, have package from Dubai. Must pay $2,000.00 USD, custom fee. I keep getting messages on WhatsApp. What to do?

  36. Fernando Santos

    Does anyone know if A&A Express Delivery LLC in Orlando , Florida is a legitimate company?

  37. Lisa Chadwick

    Hi does anyone know if express us legitimate? Asking for more money for goods to be released?

  38. Bryan

    It is a fraud they collect and collect fees then charge you demurrage that does not should be the fault of the customer

  39. Bryan

    Yes it is but maximum class express is a damn fraud

  40. Analiza Verona

    Standard cargo services, is it legit or not please help me some advice

  41. Shane

    Proficient Express Service. Products keep getting held in various countries, they keep asking for more money for VAT and taxes, keep claiming I will be reimbursed once my products are delivered. Also asked for another $800 as my products were on hold for COVID insurance? Seems like a definite scam, I should have gone with the freight company I usually use, but I was drawn in by the “Free Shipping” Lesson to be learned, trying to save a buck and cut corners costs more in the long run.

    1. Shane

      Also shipment had a “mistake” they “Accidently” sent 70 instead of 7 and request I pay the VAT and taxes on them before they are released.

  42. Marta turingan

    Is instant world wide delivery legit?

  43. Susan

    Can anyone inform me if Global-EP Logistics is a legit shipping company?


Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.

Sunburst: connecting the dots in the DNS requests

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

What did DeathStalker hide between two ferns?

While tracking DeathStalker’s Powersing-based activities in May 2020, we detected a previously unknown implant that leveraged DNS over HTTPS as a C2 channel, as well as parts of its delivery chain. We named this new malware “PowerPepper”.

Subscribe to our weekly e-mails

The hottest research right in your inbox