Threat Alert

by IthacaLabs™

THREAT LEVEL/High 12/07/2021

A new phishing campaign has been found that uses SMS messages impersonating an international courier organization.

Threat Level Description

Threat Level: High – An attack is highly likely. This level calls for additional and sustainable protective security measures reflecting the broad nature of the threat combined with specific business and geographical vulnerabilities and judgments on acceptable risk.

Description

We have observed that, while local and international trade is struggling to respond to the coronavirus crisis, a new malicious campaign is targeting consumers with phishing SMS messages that impersonate a known international courier organization.

A scammer or syndicate using these fraudulent SMS messages could aim to steal users’ credentials and bank account information. In addition, the fraudsters could compromise the victim’s mobile device, eavesdrop on his/her actions and/or spread malware.

The phishing SMS campaign impersonates the DHL international courier organization, informing unsuspecting clients that their parcels have arrived and that, in order to proceed with the delivery, they should pay a small amount (~2€). The malicious SMS message includes a link that the client is told to follow in order to complete the transaction and receive his/her parcel.

If the client clicks on this malicious link, the fraudsters could compromise the client’s mobile phone and steal his/her banking credentials and account information. Furthermore, the malicious actors could infect the mobile device with malware and perform further attacks.

Note that mobile phishing attacks have been observed to be increasing because people are spending more time on their phones for purchases and work.
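A triage heuristic for the lure described above (courier brand, small fee, link outside the courier's own domain), added here as an example that is not part of the original alert. The official-domain list, the fee ceiling, the verdict names and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumptions (not from the alert): official domain list, fee ceiling, verdict names.
OFFICIAL_DOMAINS = ("dhl.com",)
SMALL_FEE_MAX = 5.0  # the alert describes a fee of roughly 2 EUR
BRAND_RE = re.compile(r"\bdhl\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
NUM = r"(\d{1,3}(?:[.,]\d{1,2})?)"
FEE_RE = re.compile(rf"€\s*{NUM}(?!\d)|(?<![\d.,]){NUM}\s*(?:€|eur(?:os?)?\b)", re.I)


def link_hosts(sms: str) -> list[str]:
    """Hostnames of every http(s) link, with sentence punctuation stripped."""
    hosts = []
    for url in URL_RE.findall(sms):
        host = urlparse(url.rstrip(".,;:!?)")).hostname or ""
        hosts.append(host.rstrip("."))
    return hosts


def is_official(host: str) -> bool:
    # Exact match or a true subdomain; "dhl.com.parcel-fee.example" does not qualify.
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def triage(sms: str) -> dict:
    """Score one SMS against the three traits of the lure."""
    fees = [float((a or b).replace(",", ".")) for a, b in FEE_RE.findall(sms)]
    signals = {
        "brand": bool(BRAND_RE.search(sms)),
        "small_fee": any(0 < f <= SMALL_FEE_MAX for f in fees),
        "off_brand_hosts": [h for h in link_hosts(sms) if not is_official(h)],
    }
    if signals["brand"] and signals["off_brand_hosts"]:
        verdict = "likely-phish" if signals["small_fee"] else "review"
    else:
        verdict = "no-match"
    return {"verdict": verdict, **signals}


# Constructed sample messages (not taken from the campaign).
SAMPLES = [
    "DHL: Your parcel has arrived. Pay 1,99 EUR to schedule delivery: http://dhl.com.parcel-fee.example/pay",
    "DHL: your shipment is out for delivery. Track: https://www.dhl.com/track?id=CONSTRUCTED",
    "Your DHL package is waiting, confirm address at https://dhl-redelivery.example.",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(triage(s)["verdict"], "|", s)
```

The host check compares the end of the hostname against the official domain, so a lookalike that merely starts with the brand's domain is still reported as off-brand.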

CVE(s)

N/A

Affected Systems

  • N/A

Recommendation(s)

The guidelines below will help you protect against e-Fraud and its associated security threats:

• Do not open e-mail and SMS messages from unknown sources. Be suspicious of emails and SMS messages purporting to be from a financial institution, government department, or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious emails could expose your system to malicious code that could hijack your computer.

• Never respond to a suspicious email/SMS or click on any hyperlink embedded in a suspicious email/SMS. Call the purported source if you are unsure who sent an email/SMS.

• If an email/SMS claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate.

• Install anti-virus and spyware detection software on all computer and mobile systems. Free software may not provide protection against the latest threats compared with an industry standard product.

• Update your computers and mobile devices regularly with the latest versions and patches of both antivirus and antispyware software.

• Ensure computers and mobile devices are patched regularly with security patches, particularly the operating system and key applications.

• It is strongly recommended to implement a Security Awareness program, addressed to all your management and staff, designed to increase the level of understanding regarding Social Engineering and security threats in general.
