Amazon 'Order Details' Malware Email
OutlineEmail purporting to be from Amazon, thanks recipients for their order and invites them to view order details in an attached file.
Brief AnalysisThe email is not from Amazon and the attached file does not contain order details. Instead, the attached .zip file harbours a malicious .exe file that, if opened, can install a trojan on the user's computer.
Order R:131318 Placed on June 28, 2014
Order details and invoice in attached file.
Need to make changes to your order? Visit our Help page for more information and video guides.
We hope to see you again soon. Amazon.com
A fraudulent email currently hitting inboxes around the world masquerades as an order notification message from Amazon.com. The message thanks recipients for placing an order with Amazon and informs them that they can view order details by opening an attached file.
But, alas, Amazon did not send the email and the attached .zip file does not contain order details as claimed. If opened, the .zip file reveals a .exe file. And, if users run this .exe file, a trojan may be installed on their computers.
Typically, such trojans can harvest personal and financial information such as account login data from the compromised computer and send it to criminals waiting online. It may also allow the criminals to take control of the infected computer.
The criminals hope that at least a few recipients, who have not made any recent Amazon orders, will be panicked into opening the attachment in the mistaken belief that a purchase has been made in their names.
And, of course, users who have recently bought items on Amazon might be tricked into opening the attachment in the belief that the file it contains pertains to their order.
Amazon's name has been used repeatedly in similar malware attacks in recent years.
Be very wary of any unsolicited email that claims that you should open an attached file or click a link to review details of a purchase order. This is a common ruse for both phishing and malware campaigns.
Last updated: July 24, 2014
First published: December 16, 2013
By Brett M. Christensen