Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Fake Walgreens Order Email Opens Malware Website


Jump To: Example    Detailed Analysis   Comments   References

Outline

Order Email purporting to be from US pharmacy retailing chain Walgreens claims that you can find more information about a recent order by clicking a link.




Brief Analysis

The email is not from Walgreens. Clicking the link opens a website that contains malware. Criminals are sending similar malware emails that pretend to be from Costco, Walmart, and other popular stores.

   





related Links
What's New   Top Ten   Special Features   Subscribe


Example

Subject: Thank you for buying from Walgreens
Walgreens AT THE CORNER OF HAPPY & HEALTHY
Pharmacy & Health | Poto | Shop Products
E-shop Walgreens has received an order addressed to you which has to be confirmed by the recipient within 4 days. Upon confirmation you may pick it in any nearest store of Walgreens.
Detailed order information is provided here .
Walgreens


Detailed Analysis

Order Notification Email Claims to be From Walgreens

This email, which purports to be from US pharmacy retailing chain Walgreens, claims that the company has received an order addressed to you. Supposedly, you are required to confirm the order within four days.

The message instructs you to click a link to access detailed information about the order.

Email is Not From Walgreens - Points To Malware

However, the email is not from Walgreens.  Clicking the link opens a compromised website that harbours malware. The malware may start downloading automatically. Or, a message on the website may ask you to download a file. If you are using a non-Windows operating system, you may receive a message noting that the software is not available for your computer.

The download will usually be a .zip file with a .exe file inside. Clicking the .exe file installs the malware.

The malware payload delivered in these campaigns may vary. Such malware can collect sensitive information from your computer and send it to criminals. It may also download further malware and allow criminals to take control of your computer. In this case, the malware may attempt to add your computer to the infamous Asprox Botnet.

Similar Malware Emails Use Names of Other Stores

Alternative versions of these fake order emails claim to be from Costco, Walmart, and several other well-known stores.

If you receive one of these emails, do not click any links or open any attachments that it contains.




© Depositphotos.com/ sergioz


Last updated: December 10, 2014
First published: December 10, 2014
By Brett M. Christensen
About Hoax-Slayer

References
ASProx malware threat targets holiday shoppers
Asprox Botnet