Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Target 'Order Confirmation' Malware Email


Jump To: Example    Detailed Analysis   Comments   References

Outline

Order confirmation email purporting to be from Target claims that the company's online store has an order addressed to you. The message advises you to click a link to obtain full order information.

Target



Brief Analysis

The email is not from Target. The link in the message opens a compromised website that contains malware. The Target version is just one in a series of similar malware messages that have falsely claimed to be from well-known stores, including Walmart, Costco and Wallgreens. Despite a now outdated reference to Thanksgiving, the Target malware message is still being distributed.

   





related Links
What's New   Top Ten   Special Features   Subscribe


Example

Subject: Order Confirmation
As Thanksgiving nears we want to advise you that our online shop has an order addressed to you. You may pick it in any store of Target.com closest to you within four days.
Please, open the link  for full order information.
Always yours,

Target.com
Target

Detailed Analysis

'Target' Email Claims To Contain Order Information

According to this email, which claims to be from retail chain store Target, the company has an order addressed to you. The message claims that you can pick up the order from any Target store within four days.

The message suggests that you click a link to access details about the order.

Email is Not From Target - Link Opens Malware Website

However, the email is not from Target. Clicking the link in the message takes you to a website that contains malware.

If you use a non-Windows operating system, you may see a message claiming that the download is not compatible with your computer. 

If you are using one of the targeted operating systems, the malicious file may start downloading automatically. Alternatively, a message on the website may instruct you to click a link to download the file.
Typically, the download will be a .zip file that hides a .exe file inside. Opening the .exe file will install the malware.

The malware payload used in these campaigns can vary. But, typically, the malware can steal personal information from your computer and relay it to online scammers. The malware in this version is designed to add your computer to the infamous Asprox Botnet.

Despite the now outdated reference to Thanksgiving, the Target malware email continues to hit inboxes.

One in a Series of Fake Order Emails That Link to Malware

This email is just one in a continuing series of malware messages that claim to be from various high profile stores, including Costco, Walmart and Wallgreens.

Other versions list order or transaction details, but do not name any particular store. Again, links in the messages lead to malware websites. In some cases, the malware is contained in an attached file.

If you receive one of these bogus emails, do not click any links or open any attachments that they contain.



Target

© Depositphotos.com/ equipoise


Last updated: December 19, 2014
First published: December 19, 2014
By Brett M. Christensen
About Hoax-Slayer

References
DEC 14 Be Wary of ‘Order Confirmation’ Emails
Asprox Botnet
Fake Costco Order Notification Leads to Malware
Fake Walmart 'Order Details' Email Opens Malware Website
Fake Walgreens Order Email Opens Malware Website
Payment Gateway 'Credit Card Transaction Result' Malware Email