Chatbot Army Deployed in Latest DHL Shipping PhishChatbot Army Deployed in Latest DHL Shipping Phish
In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.
May 20, 2022

Phishing emails intended to look like a DHL communications are now coming loaded with a new twist — a version of a chatbot that helps drive targets to malicious links, according to a new report.
That is to say, it behaves like a chatbot, but behind the scenes, the scripts are pre-programed to respond with stock phrases based on a victim's answer, according to researchers at Trustwave who reported the phishing campaign tactic. But the effect is the same — targets think they're talking to a live DHL representative.
After clicking, the victim's browser opens a PDF file with another link asking the person to "Fix delivery," the Trustwave team reported. The chatbot will ask the victim to confirm a delivery address and tracking number, and it will even present a fake CAPTCHA to make everything seem legitimate. Eventually, the target will be asked to enter in login credentials and credit card information, which is promptly harvested.
Because chatbots are widely used by brands to interact with customers online, end users aren't suspicious of interacting with them, the Trustwave team added — making this a perfect social-engineering ploy.
"This is what the perpetrators of this phishing campaign are trying to capitalize on," the chatbot phishing report added. "Aside from spoofing the target brand on the phishing email and website, the chatbot-like component [is what] slowly lures the victim to the actual phishing pages."
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023