Amazon Shipping update email contains malware

by Graham Cluley on January 11, 2010 | Comments Off

Filed Under: Malware, Spam

Waiting for a delivery from Amazon.com? Well, be careful if you receive a notification in your email - as it could be that hackers are trying to trick you into infecting your computer.

We're intercepting a wave of forged emails which claim to come from order-update@amazon.com, but unlike regular emails from the dot com giant they have a malicious file attached designed to run a Trojan horse on your computer.

In a seeming attempt to entice users to open the dangerous attachment, the emails have embedded inside them an image of a familiar half-opened Amazon branded package.

Amazon email malware attack

The emails have the following characteristics:

Subject:
Shipping update for your Amazon.com order 254-71546325-658732

Message body:
Shipping update for your Amazon.com order 254-78546325-658742

"[Image of Amazon package]

Please check the attachment and confirm your shipping details.

Attached file: Shipping documents.zip

Sophos detects the attached file as Troj/CryptBx-Zp and Mal/CryptBox-A.

As always, be sure that you have kept your computer's defences up to date, and ensure that you never open unsolicited email attachments. An email can claim to come from a well-established brand like Amazon, but easily be a forgery created by hackers.

Tags:

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.