By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Those who remember earlier days of the internet are familiar with the “Nigerian Prince letter,” also known as the 419 scam. While that fraud typically runs from personal email accounts, another one uses an official Nigerian government website to host a phishing page for the DHL international courier service. Nigeria has a large culture of fraud, which is defined in the country's criminal code at number '419,' under Chapter 38: Obtaining Property by false pretenses; Cheating," but this is ridiculous. For over two weeks, the Nigerian National Assembly (NASS) site has been serving a fraudulent page that asks for DHL account credentials. This is just a landing location, most likely pushed through spam. The phishing resource is "u.php" and it is present on multiple legitimate websites that have been hacked to host it. We also found it on domains that look like they've been registered specifically for DHL phishing purposes. At the moment of writing, loading most of them triggered the "Deceptive site" warning in Chrome and Firefox, but not all of them have been indexed as unsafe, yet. Security researcher MalwareHunterTeam found the phishing page on the NASS website and noticed a history of malicious URLs available on the official domain. Read more on OUR FORUM.

 

GTranslate