• RSS feed RSS feed

Be careful, these fake Amazon emails contain malware

Be careful, these fake Amazon emails contain malware

The end of the year is a good time at all levels, including for cybercriminals. Hackers use the festivities to carry out phishing and malicious spam campaigns. EdgeWave, a company specializing in email security, has discovered a new malware campaign that takes the form of fake Amazon order confirmation emails. These are very convincing emails, destined to cause many victims.

Very insidious false order confirmations

These fake confirmation emails are sent with the following items: "Your Amazon.com order", "Amazon order details" or "Your 162-2672000-0034071 order has been shipped". When the victim opens these emails, a confirmation message appears without indicating the order details or tracking information. However, the message invites the recipient to click on the "order details" button to obtain this information.

Confirmation Amazon

If the victim clicks on this button, he or she triggers the download of a Word file called "order_details.doc". The message in the document indicates that a specific feature must be enabled to correctly display its content.

Amazon faux mail

In fact, if the user clicks on the activation button, it will trigger the download and installation of a bank Trojan (via the PowerShell command prompt).

According to EdgeWave, the hackers behind this attack use servers located in the United States and Indonesia. These servers are configured to communicate with each other.

What are the consequences for the victim?

Malware runs in the background and records what the user types on the keyboard. Thus, cybercriminals can retrieve personal information (identifiers, passwords, bank details, etc.).

The emails for this campaign are written in English, which should make you aware of it. If you are in doubt about the confirmation emails you receive, do not click on the links or attachments, and compare the sender's address with the one used by Amazon. It is also preferable to delete these emails so as not to take any risks. In any case, you will be able to access the details of your Amazon orders directly in the mobile application or on the website of the American giant.

Source: Bleeping Computer

Articles on the Same Subject

No Comments
Be the First to Leave a Comment

Leave a comment for the article Be careful, these fake Amazon emails contain malware

Please behave respectfully towards other users

Must-Have Software
  • NSA Ghidra NSA Ghidra 131 downloads

    Ghidra is a software reverse engineering tool that allows you to analyze malware to better understand how it works
    See the software

  • Comodo Internet Security Essentials Comodo Internet Security Essentials 32 downloads

    Contrary to what its name may suggest, Comodo Internet Security Essentials is not an antivirus. This is a program that ensures that you are safe when...
    See the software

  • Malwarebytes Chameleon Malwarebytes Chameleon 127 downloads

    Malwarebytes is a free tool that allows you to force the installation of Malwarebytes Anti-malware, when an infected system blocks the use and...
    See the software