What kind of scam is "DHL Express"?
While inspecting pages that use rogue advertising networks, our researchers chanced upon a "DHL Express" scam. This deceptive content is presented as a delivery-related notification from DHL Express - a courier, package delivery, and express mail service company. It must be emphasized that the actual DHL is in not associated with this scam.
"DHL Express" scam overview
This "DHL Express" scam informs website visitors that DHL was unable to deliver their packages. The nonexistent parcel supposedly failed delivery because of unpaid fees amounting to 2 USD. The scheme claims that the package contains an iPad Pro 258GB. Users are then allowed to select the preferred delivery method and other details.
When we inspected this scheme, it redirected to a broken webpage. However, this may be rectified at a later date or in different iterations of the scam. Typically, scams like this "DHL Express" one redirect to phishing sites. The pages may continue with the theme (e.g., package delivery), but that is not always the case.
Phishing scams attempt to extract sensitive information from users. Those promoted by schemes like "DHL Express" tend to target personally identifiable details, e.g., names, addresses, telephone numbers, email addresses, etc. The data collected through phishing scams can be variously abused or sold to third-parties (potentially, cyber criminals).
Account log-in credentials are also targeted (less so by schemes that are thematically inconsistent with the data). Scammers are particularly interested in the IDs/usernames/passwords of email, social media, social networking, e-commerce, digital wallet, online banking, and other accounts.
It is noteworthy that scams like "DHL Express" can also redirect users to dubious payment gateways and extract bogus fees or record entered finance-related information (e.g., banking account details, credit card numbers, etc.).
In summary, by trusting scams like "DHL Express" - users risk experiencing severe privacy issues, financial losses, and identity theft.
|Name||DHL Express pop-up|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Package delivery unsuccessful, delivery fees must be paid.|
|Detection Names (iketrest[.]com)||N/A (VirusTotal)|
|Serving IP Address (iketrest[.]com)||22.214.171.124|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Similar scam examples
We have analyzed thousands of online scams; "FedEx PACKAGE WAITING", "You have (1) package waiting", "PACKAGE WAITING", and "Is this your package?" are a few examples of those similar to this "DHL Express" scheme.
The Internet is full of deceptive and malicious content. Various scam models are used to deceive victims; popular false claims include - package deliveries, outdated software alerts, detected virus/malware, cryptocurrency giveaways, won lotteries, and so forth.
Regardless of what scams promise - their sole goal is to generate revenue at victims' expense. Therefore, we highly recommend exercising caution when browsing.
How did I open a scam website?
Scam websites can be force-open the moment a page that employs rogue advertising networks is accessed. Alternatively, such a redirect can occur when the content hosted on rogue pages is interacted with (e.g., clicking buttons, text input fields, ads, etc.).
Misspelling a site's domain (URL) can also result in a redirect (or redirection chain leading) to a deceptive webpage. Additionally, online scams are promoted by spam browser notifications and intrusive advertisements. Furthermore, adware can display scam-endorsing ads or simply force-open sites running them.
How to avoid visiting scam websites?
Deceptive websites are primarily accessed via redirects caused by pages using rogue advertising networks, mistyped URLs, spam browser notifications, intrusive ads, or installed adware.
We advise being vigilant when browsing since fraudulent and malicious content usually appears legitimate. Do not use sites offering pirated software/media or other questionable services (e.g., Torrenting, illegal streaming/downloading, etc.) as they are typically monetized through rogue advertising networks.
We recommend paying attention to URLs and entering them with care. To avoid receiving undesirable browser notifications, do not permit suspicious websites to deliver them (i.e., do not click "Allow", "Allow Notifications", etc.). Instead, ignore or deny the notification delivery requests displayed by such pages (i.e., press "Block", "Block Notifications", etc.).
Intrusive adverts may look ordinary and harmless, but they redirect to dubious sites (e.g., gambling, pornography, adult-dating, etc.).
To prevent bundled/harmful programs from infiltrating your device, always use official/verified download channels and approach installation with caution (e.g., read terms, use "Custom/Advanced" settings, and opt-out of additions).
If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in "DHL Express" pop-up:
Baton Rouge Parcel delivery
WE WERE UNABLE TO DELIVER
YOUR PARCEL (!)
The content of this page is exclusive for the receiver of this parcel
- Worldwide Delivery -
The appearance of "DHL Express" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is DHL Express pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Pop-up scams are deceptive messages designed to lure users into performing specific actions. For example, victims can be tricked into making monetary transactions, disclosing private data, calling fake support lines, downloading/installing software, purchasing products, subscribing to services, etc.
What is the purpose of a pop-up scam?
Like all scams, those promoted online are used to generate revenue. Cyber criminals profit primarily by acquiring funds through deception, abusing or selling sensitive information, promoting software or other products, and proliferating malware.
I have provided my personal information when tricked by a scam, what should I do?
If you have provided log-in credentials - change the passwords of all potentially exposed accounts and contact their official support without delay. And if the disclosed information was of a different personal nature (e.g., ID card details, credit card numbers, etc.) - immediately inform the corresponding authorities.
Why do I encounter fake pop-ups?
Pop-up scams are promoted on deceptive websites. Users typically enter such pages via redirects caused by misspelled URLs, sites that use rogue advertising networks, spam browser notifications, intrusive advertisements, or installed adware.
Will Combo Cleaner protect me from pop-up scams?
Combo Cleaner can scan visited sites and detect rogue, deceptive, and malicious ones. Should you enter such a page, you will be alerted immediately, and further access to it will be blocked.