Topic: Trojan hides in 'Amazon' email

[Clive]

March 21, 2006
Veronique De freitas

Computers users should watch out for emails claiming to come from online retailer Amazon as they could hide a new Trojan, security experts have warned.

The Clagger-K Trojan hides as an attachment in an email that claims that the Amazon users' credit card will be debited for more than £300.

According to security company Sophos, the malicious email claims to be from Amazon payment support team and arrives with the subject line 'Your payment done' and a text body that says:

'Dear customer!
We're writing to let you know that we've initiated a transfer from your bank account (Last 4-digits: 0402) for the following amount: GBP 313.14 (ORDER #0220873 , DATE #20.03.2006) - Funds should leave account in approximately three to five working days. See your statement details in attachment. To review your account at any time, please access your Account Summary If you have any questions or concerns regarding this settlement, please contact us at payments-support@amazon.co.uk' .

Graham Cluley, senior technology consultant at Sophos, said: "Once it has slipped under your radar, this Trojan is capable of downloading further malicious code from the internet, giving hackers access to your PC. A real message from Amazon would never contain an attached executable file, and people should always think carefully before running unsolicited code on their computer."