PC Pals Forum

Technical Help & Discussion => General Tech Discussion, News & Q&A => Topic started by: Clive on January 11, 2010, 20:34

Title: Amazon Shipping update email contains malware
Post by: Clive on January 11, 2010, 20:34

Waiting for a delivery from Amazon.com? Well, be careful if you receive a notification in your email - as it could be that hackers are trying to trick you into infecting your computer.

We're intercepting a wave of forged emails which claim to come from order-update@amazon.com, but unlike regular emails from the dot com giant they have a malicious file attached designed to run a Trojan horse on your computer.

In a seeming attempt to entice users to open the dangerous attachment, the emails have embedded inside them an image of a familiar half-opened Amazon branded package.

The emails have the following characteristics:

Subject:
Shipping update for your Amazon.com order 254-71546325-658732

Message body:
Shipping update for your Amazon.com order 254-78546325-658742

‏[Image of Amazon package]

Please check the attachment and confirm your shipping details.

Attached file: Shipping documents.zip

Sophos detects the attached file as Troj/CryptBx-Zp and Mal/CryptBox-A.

As always, be sure that you have kept your computer's defences up to date, and ensure that you never open unsolicited email attachments. An email can claim to come from a well-established brand like Amazon, but easily be a forgery created by hackers.

                                         

Title: Re: Amazon Shipping update email contains malware
Post by: Simon on January 11, 2010, 21:16

That will catch a few people.  Thanks for the warning, Clive.

Title: Re: Amazon Shipping update email contains malware
Post by: Clive on January 11, 2010, 21:27

Well I'm a bit concerned about my new laptop!  Dell told my son that delivery would be February 4th yet he received an e-mail on Friday to say it was on its way.  :dunno:  I've e-mailed the Sophos warning to him but he may not see the message until tomorrow.  Unfortunately the laptop is being despatched to London so I won't get my hands on it until we see him in a month's time. 

Title: Re: Amazon Shipping update email contains malware
Post by: Simon on January 11, 2010, 21:33

Surely the rogue email isn't specific enough to detail your orders?  If so, you'd have to assume your Amazon account had been compromised.  Besides which, if that's where your laptop is coming from, wouldn't it be Amazon.co.uk?

Title: Re: Amazon Shipping update email contains malware
Post by: Simon on January 11, 2010, 21:35

Actually, I think I may have got confused!  What's your laptop from Dell, got to do with Amazon?

Title: Re: Amazon Shipping update email contains malware
Post by: Clive on January 11, 2010, 21:41

Good point Simon.  But I didn't place the order! 

Title: Re: Amazon Shipping update email contains malware
Post by: sam on January 12, 2010, 00:41

yes, I get emails like that quite often - well  you know "you ordered this" when you blatantly didn't all go nicely in my spam box.

Title: Re: Amazon Shipping update email contains malware
Post by: Simon on January 12, 2010, 10:16

Also, not all that many people here would order from Amazon.com, as it would usually be the .co.uk website, unless you're importing CDs / DVDs, etc.

Title: Re: Amazon Shipping update email contains malware
Post by: Rik on January 12, 2010, 11:12

It will spread, though.

Title: Re: Amazon Shipping update email contains malware
Post by: Simon on January 12, 2010, 12:21

Probably.  Because people will allow it to.  ::)