Is Amazon sending you a Sony Bravia? Beware the malware attack

Filed Under: Malware, Spam

Amazon Sony Bravia
Have you received an email from Amazon about a purchase of a Sony Bravia television?

If so, it's possible that you are in the gunsights of hackers behind a malware attack which is being seen around the world which is striking thousands of people who have shown no interest in ordering a new Sony television from the popular online store.

Bogus emails, which pretend to come from a manager at Amazon, thank you for shopping at Amazon.com and say that a Sony Bravia TV is winging its way to your address.

Malicious Amazon tracking email

Subject: Your order has been paid! Tracking NR:26958-480
Attached file: AMAZON_LABEL_07_07-2010.zip
Message body:

Good morning,

Thank you for shopping at Amazon.com!

We have successfully received your payment.

Your order has been shipped to your billing address.

You have ordered " Sony Bravia S3262 "

You can find your tracking number in attached to the e-mail document.

Print the postal label to get your package.

We hope you enjoy your order!

Maricela Ruffin, Amazon

The emails (which use slight variations in the subject line, the name of the alleged Amazon employee, and the model number of the Sony Bravia television) contain an attached file called AMAZON_LABEL_07_07-2010.zip.

If you're befuddled by the email in your inbox out of the blue then the most natural thing in the world might be to open the attachment in an attempt to determine what's going on - especially if you're worried your credit card may have been erroneously charged for some expensive TV hardware.

And that's where you would be making a big mistake. The emails are, of course, malicious. Sophos detects the ZIP file as Mal/BredoZp-B and the code contained within as Mal/Koobface-G, potentially putting your computer and associated social networking accounts at risk of compromise.

This isn't a new trick for cybercriminals to use of course. In the past we've seen other dangerous emails posing as Amazon shipment updates - an order for a Sony VAIO laptop computer, for instance.

And you thought repeats on TV were boring... in the malware world it's even more repetitive.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.