WorldPay card transactions carry malware danger

by Graham Cluley on May 7, 2009 | Comments Off

Filed Under: Malware, Spam

Cybercriminals are up to their old tricks again, disguising their Trojan horses by spamming them out attached to emails claiming to come from legitimate organizations.

Today one of the malware campaigns we are seeing pose as communications from WorldPay, claiming that your credit card has been charged on behalf of Amazon.

Malicious email claiming to come from WorldPay

The emails have the subject line "WorldPay CARD transaction Confirmation", and part of the email message reads:

Your transaction has been processed by WorldPay, on behalf of Amazon Inc. The invoice file is attached to this message. This is not a tax receipt. We processed your payment. Amazon Inc has received your order, and will inform you about delivery.

Malicious attachment
Of course, if you haven't bought anything on Amazon lately you might be all too tempted to click on the attached file (named WorldPay_CONFR.zip).

Which would be a mistake, of course, because it contains a copy of the Troj/Agent-JUC Trojan horse.

This is far from the first time that hackers have used a scam like this, and it won't be the last.

The message, as always, is to be on your guard and think twice before opening an unsolicited email attachment.

Tags: , ,

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.