MALWARE - Order Number 'Thank You For Using Our Services' Email
OutlineEmail claims to be a notification about a recent transaction and includes an order number, price, and payment method. It advises you to open an attached file for details about the purchase.
© Depositphotos.com/ panama555
Brief AnalysisThe email is not a genuine transaction notification. The attached .zip file contains malware that can infect your computer. Order numbers and other details may vary in different versions. Do not open any attachments or click any links in this email.
Order no. 68474839976
Thank you for using our services!
Your order #68474839976 will be shipped on 31.08.2014.
Date: August 27, 2014. 11:58am
Payment method: Wire transfer
Transaction number: C9FBB22E241CA76D
Please find the detailed information on your purchase in the attached file
Email Supposedly Provides Details About a Recent Transaction
It claims that you can find detailed information about the purchase by opening an attached .zip file.
Email is Not an Order Notification - Attachment Contains Malware
If you open the .zip file, you will find that it contains two files, one named 'order.bat' and another named 'order.dat'.
A batch (.bat) file is a special type of text file that contains a series of commands that can be executed when you run the file. Batch files can be useful for automatically performing repetitive tasks on Windows based computers and for a variety of other legitimate uses.
In this case, however, the batch file is being used for malicious purposes. This .bat file may run commands that interact with the .dat file and install malware on your computer.
There are several versions of the malware email that feature different order numbers, purchase amounts, and purchase dates. The name of the supposed sender may also vary.
Fake Receipt and Order Notifications a Common Malware Tactic
Be very cautious of any generic and unexpected email that claims you can view details about a supposed transaction by opening an attached file or clicking a link.
© Depositphotos.com/ unkreatives
Last updated: August 28, 2014
First published: August 28, 2014
By Brett M. Christensen