February 19, 2010Fake Amazon Email as Malware Delivery Vehicle
Amazon is typically abused by phishers who want to grab login credentials (and drain your credit card by hijacking victims' accounts). A non-phishing message arrived today that had a piece of malware attached. Here is the message part:
From: "Amazon Manager Reed Roth" <firstname.lastname@example.org>
Subject: Amazon Shop! Your order has been paid! Parcel NR.3611.
Thank you for shopping at Amazon.com
We have successfully received your payment.
Your order has been shipped to your billing address.
You have ordered " Apple MacBook MB404 "
You can find your tracking number in attached to the e-mail document.
Print the postal label to get your package.
We hope you enjoy your order!
Other variants of this message feature different products, such as a Sony VAIO computer.
The attached file, named Postal_package_NR926.zip, has weak anti-virus coverage at this hour. I believe the social engineering aspect of this fake message will be fairly successful in getting recipients to open the .zip file (and ensuing .exe file).
If you didn't order it, Amazon isn't gonna ship it.Posted on February 19, 2010 at 12:57 PM