'Customer Service Center' Malware Emails
OutlineEmail claiming to be from the "Customer Service Center" informs recipients that an order has been received and invites them to click a link to find out more about the order.
© Depositphotos.com/ maxkabakov
Brief AnalysisThe email is not from any legitimate customer service center. The email is designed to trick users into installing a malicious file on their computer. Clicking the link in the email downloads a .zip file that contains a malware .exe file within.
Subject: Customer Service Center
We have got your order and we will process it for 3 days.
You can find specification of the order:
[Link to .zip file removed]
Customer Service Center
This brief email claims that the "Customer Service Center" has received an order from the recipient and will process it within three days. It invites the recipient to click a link to find more information about the order.
The message makes no effort to identify either the company that supposedly sent the message or the product that the recipient supposedly ordered.
The message is fraudulent and was not sent by any legitimate customer service center. The goal of the criminals who sent the email is to trick the recipient into downloading and installing malware.
Presenting the scam email in such a generic format might seem like the scammers weren’t trying very hard. But, the tactic is cleverer than it seems. Because the email does not identify the company or the product, people who have actually ordered a product recently might be tricked into clicking a link without due forethought. And, people who have not ordered anything might be panicked into clicking the link in the mistaken belief that their credit card has been misused.
Moreover, unlike more sophisticated malware campaigns the link in the email points directly to the malicious download rather than to a fake website that tries to present the malware is a legitimate download.
Of course, the crudeness of the scam email will mean that many people will quickly recognize that it is fraudulent. Nevertheless, at least a few people will likely be taken in and click the link.
Those who do click the link will immediately download a .zip file. Opening the .zip file will reveal a .exe file. Clicking the .exe file will install the malware. The purpose of the malware may vary in different incarnation of the scam. Typically, however, such malware can make connections to remote servers operated by criminals, steal sensitive information from the infected computer, and install further malware.
Details in different incarnations of the malware emails may vary. Some may claim to be from the "Client Management Department" rather than the "Customer Service Center". If you receive one of these emails, do not click any links that it contains.
Last updated: January 24, 2014
First published: January 24, 2014
By Brett M. Christensen