Fake Amazon “Order Status” emails deliver malware
Posted on 04.12.2013
It comes as no surprise that as holiday shoppers begin to flood the internet looking for deals, the bad guys will be right behind them hoping to swoop in on an unsuspecting victim. Fake invoice scams are year round, but they are so much more effective during that time of year that most everyone is actually expecting packages in the mail from their online purchases.


Amazon.com has recently been pushing their 30 day free trial to their Amazon Prime services. This service, among other perks, allows Amazon shoppers to receive free two days shipping on all purchases. Offering free shipping during the shopping season must seem like a dream come true to people that prefer the peaceful trample-free option to shop from the comforts of their own homes as opposed to the chaos at the local shopping center.

This obviously looks like it was seen as a great opportunity by the cyber criminals out there too as floods of fake Amazon.com "Order Details" notifications are hitting our filters.

In possible haste a lot of these are broken. Some aren't formed properly so the intended payload attachment isn't viewable to the average recipient. Some of the attachments that made it are corrupted. However, a great deal of them are fully functional and aim to lighten that holiday wallet.

Among other things this piece of malware takes inventory of all running processes on the infected machine, steals all auto-complete passwords from Mozilla Firefox and makes attempts to download additional malware from its C&C server. At the time of writing the post, 25 out of 47 of the major AV companies recognized this threat.

Be on the look out for these and many other attempts to take advantage of the season. They are out in full force.


Author: Fred Touchette, AppRiver.





Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //