Amazon Order Confirmation Phishing Scam

Security
Amazon Order Confirmation Phishing Scam

All those who have relied upon the e-commerce giant Amazon to order their holiday gifts should heed caution when receiving order confirmation emails, as EdgeWave reportedly discovered a new and highly sophisticated malspam campaign sending fake Amazon order confirmation messages.

The messages are reportedly quite convincing, and include subject lines that read “Your Amazon.com order,” “Amazon order details” and “Your order 162-2672000-0034071 has shipped.”

According to BleepingComputer, “When you open these emails, you will be shown an order confirmation that states your item has shipped, but without any details regarding what was ordered or tracking information. It then tells the recipient to click on the Order Details button in order to see more information.”

Credit: Bleeping Computer
Credit: Bleeping Computer

Unsuspecting users who click on the link thinking they are downloading a Word document named order_details.doc are then instructed to “Enable Content” so that the order may be properly viewed. However, these unwitting users are actually enabling content that triggers the macros to execute a PowerShell command, which reportedly downloads and executes the Emotet banking Trojan.

EdgeWave told BleepingComputer that while researchers were testing the malicious document, the Emotet downloaded as keyandsymbol.exe even though the name of the Trojan was mergedboost.exe.

“Interestingly, these other servers are in Houston and Lansing. Playing Dora the Explorer for a moment, we’ve encountered a compromised email server in Columbia sending phishing email with a link to a server in Indonesia that downloads malware which then contacts compromised servers in the United States,” EdgeWave reportedly said.

Products You May Like

Articles You May Like

Warung Pintar raises $27.5M to digitize Indonesia’s street vendors
773 million email IDs, 21 million passwords for anyone to see in massive data dump
CyberFirst Girls 2019 Kicks Off Next Week
TechCrunch Conversations: Direct listings
Frequent Fortnite Player? 4 Tips to Combat the New Attack on User Accounts

Leave a Reply

Your email address will not be published. Required fields are marked *