Latest Threat: DHL "Delivery Fee" Credit Card Phishing Scam

A highly convincing phishing campaign is currently impersonating DHL Express. The attack begins with an email titled "Final Notice – Delivery Cannot Proceed," designed to create immediate panic regarding a shipment with ID FR9876543210.

The scam uses a sophisticated multi-stage web portal to steal financial credentials.

How to spot this phishing attack:

1. Fraudulent Sender Address: The email originates from [email protected]. Legitimate DHL notifications will only come from an official @dhl.com domain.

2. Malicious URL Hosting: The email link redirects through a tracking service to a tiiny.site subdomain. Other variants of this campaign use the domain authpackage.com to host the landing pages.

3. The "Small Fee" Trap: The fraudulent site displays a fake tracking status "En cours de livraison" (In delivery) and claims a small payment of 12.90 EUR is required for the process to continue. Scammers use low amounts to trick victims into entering their card details without overthinking the risk.

4. Complete Financial Data Theft: The site requests the cardholder's full name, 16-digit card number, expiry date, and CVV security code.

5. Fake 3D Secure Verification: To appear legitimate, the scam presents a fake "Verified by VISA" or "Mastercard" page, prompting the victim to enter an SMS verification code.

If you receive this email, do not click the link and do not provide your credit card information. For genuine tracking, always visit the official dhl.com website directly.