Be careful, these fake Amazon emails contain malware
The end of the year is a good time at all levels, including for cybercriminals. Hackers use the festivities to carry out phishing and malicious spam campaigns. EdgeWave, a company specializing in email security, has discovered a new malware campaign that takes the form of fake Amazon order confirmation emails. These are very convincing emails, destined to cause many victims.
Very insidious false order confirmations
These fake confirmation emails are sent with the following items: "Your Amazon.com order", "Amazon order details" or "Your 162-2672000-0034071 order has been shipped". When the victim opens these emails, a confirmation message appears without indicating the order details or tracking information. However, the message invites the recipient to click on the "order details" button to obtain this information.
If the victim clicks on this button, he or she triggers the download of a Word file called "order_details.doc". The message in the document indicates that a specific feature must be enabled to correctly display its content.
In fact, if the user clicks on the activation button, it will trigger the download and installation of a bank Trojan (via the PowerShell command prompt).
According to EdgeWave, the hackers behind this attack use servers located in the United States and Indonesia. These servers are configured to communicate with each other.
What are the consequences for the victim?
Malware runs in the background and records what the user types on the keyboard. Thus, cybercriminals can retrieve personal information (identifiers, passwords, bank details, etc.).
The emails for this campaign are written in English, which should make you aware of it. If you are in doubt about the confirmation emails you receive, do not click on the links or attachments, and compare the sender's address with the one used by Amazon. It is also preferable to delete these emails so as not to take any risks. In any case, you will be able to access the details of your Amazon orders directly in the mobile application or on the website of the American giant.
Source: Bleeping Computer
Author : Nicolas JJE
- Laisser un avis
Articles on the Same Subject
- What are the alternatives to Malwarebytes Anti-Malware? Not long ago, you were told about THE ultimate solution to clean your extremely slow PC. This very popular and rather effective solution is called...
- This flaw in Microsoft Office exposed passwords and other user data The different versions of Microsoft Office include a vulnerability that, once exploited, allows users' personal data such as passwords and other...
- How to protect your data? Every company needs to be able to protect its data to varying degrees, from the most common to the most sensitive. Depending on the level of security...
- Email scams You are my victim or Password must be changed continue We keep talking about it, but email scams continue to proliferate and still claim victims, perhaps not in numbers but enough to encourage scammers to...