DHL Phishing Scam Identified by Forcepoint’s X-Labs

Forcepoint’s X-Labs identified an 11-step DHL phishing scam designed to steal user credentials and device telemetry. The attack chain employs fake one-time password (OTP) codes and leverages EmailJS to facilitate credential harvesting. No specific dates, affected user counts, or geographic targets were disclosed in the report. The scam targets individuals through phishing techniques mimicking DHL communications. Technical details include the use of multi-stage redirections and fraudulent authentication prompts. The primary impact involves unauthorized access to passwords and device data.