Debunking hoaxes and exposing scams since 2003!





Jump To: Example    Detailed Analysis   Comments   References

'Thank You For Purchasing' Emails Contain Malware


Jump To: Example    Detailed Analysis   Comments   References

Outline

Emails with subject lines such as 'Urgent Notice' and 'Important Notification' thank you for purchasing with a company and suggest that you open an attached file to review order details. The emails include order totals amounting to several thousand dollars.

Malware Alert



Brief Analysis

The emails are not from any genuine company and the supposed purchase details are not valid. The attached .zip file contains malware.

   

Share







Bookmark and Share





related Links

Related Links

Identity theft is one of the fastest growing crimes in the world. Learn how to stay safe online with Hoax-Slayer's comprehensive eBook:




Examples

Subject: Important Notification B041557794

Thank you for purchasing with us today! Your order is on process at present.

Order Total: 3592 AU Dollars

Please check the word file provided below to view more information about your order.

BILLING DETAILS

Order Number: ODI723430099
Order Date: 12.17 Mar 02, 2015
Customer Email: [removed]

Attachment name: Payment details W880742251.zip

Important Notification Malware Email

Subject: Urgent Notice P414296231

Thanks for purchasing with our company today! Your order is currently processing.

Order Total: 5155 AU Dollars

Kindly check the invoice given below to view more information about this issue.

BILLING INFO

Order Number: DXX889907299
Purchase Date: 6.46 Monday, Mar 2 2015
Purchaser Email: [removed]

Attachment name: Payment details S411028064.zip

Important Notification Malware Email

Detailed Analysis

'Thank You for Purchasing ' Emails Claim Attachments Contain Order Info

A series of 'order notification' emails are currently hitting inboxes. The emails thank you for purchasing and claim that your order is being processed. The emails do not name the company that supposedly sent the notifications. Nor do they say what product or service was supposedly purchased.

However, they do include an order total amounting to several thousand dollars along with an order number, order date and customer email address.

They suggest that people check the attached file to find out more information about the purchase.

The emails are formatted fairly professionally and may appear to be genuine at first glance.

Details such as subject lines, order totals, and attachment names may vary in different versions of the emails.

Some have the subject line 'Urgent Notice'. Others may have the subject line 'Important Notification'.

Emails Not Genuine - Attachments Contain Malware

However, the emails are certainly not genuine order notifications and the order details included are not valid.

The criminals responsible for the emails hope that at least a few recipients - panicked into believing that a large purchase has been made in their names - will open the attachment without due caution.

However, the attached .zip file harbours malware. If you unzip the attachment and then click the file inside, the malware may be installed on your computer.

The behaviour of the malware may vary based on the specific goals of the criminals who send it. The malware may collect sensitive information from the infected computer and relay it to scammers. It may also download further malware, and join the computer to a botnet.

Fake order receipt emails are a very common means of distributing malware. Be wary of any unsolicited email that claims to contain information regarding a purchase you know nothing about. If you receive such an email do not click any links or open any attachments that it contains.

Malware Attack

©Depositphotos.com/yupiramos


Last updated: March 4, 2015
First published: March 4, 2015
By Brett M. Christensen
About Hoax-Slayer

References
Malware Threat Articles






More stories!

'Internet Capacity Warning' Phishing Scam
According to this email, which claims to be from the 'Support Department' at 'Information Technology Services', your internet capacity is 70% full and you therefore need to contact support to avoid problems.
Published: July 6, 2015


Kroger 'Free Coupons' Survey Scam
Message being distributed across Facebook claims that users can receive free coupons from American retailer Kroger just by sharing a message and visiting a third party website to claim their prize.
Published: June 16, 2015


Pointless Facebook Warning - Hackers Posting Insulting Messages or Sexual Content In Your Name
'Hacker' alert messages circulating on Facebook claim that, without your knowledge, hackers are posting insulting or sexual messages that appear to come from you onto your Facebook Timeline.
Published: June 3, 2015