Chatbot army deployed on latest DHL shipping phish

Phishing emails designed to look like a DHL communication now come with a new twist — a version of a chatbot that helps direct targets to malicious links, according to a new report.

That means it behaves like a chatbot, but behind the scenes, the scripts are pre-programmed to respond with standard phrases based on a victim’s response, according to Trustwave researchers, who reported on the phishing campaign’s tactics. But the effect is the same – the targeted people think they are talking to a real DHL representative.

Once the link is clicked, the victim’s browser opens a PDF file with another link asking the person to “fix delivery,” the Trustwave team reported. The chatbot asks the victim to confirm a shipping address and a tracking number, and even displays a fake CAPTCHA to make everything appear legitimate. Finally, the target is asked to enter credentials and credit card information, which are harvested promptly.

Because chatbots are widely used by brands to interact with customers online, the Trustwave team added, end users are unlikely to be suspicious when interacting with them – making this a perfect social engineering trick.

“The perpetrators of this phishing campaign try to exploit that,” the Chatbot Phishing Report added. “Aside from spoofing the target brand in the phishing email and on the website, the chatbot-like component [is what] slowly lures the victim to the actual phishing sites.”
