Amazon Users Need to be Cautious of Another Malicious Spam Campaign

Security firm Webroot has warned netizens using Amazon to be cautious as the spam e-mails that appear to be coming from the book seller could probably be bogus and malicious.

Besides books, other things that fraudsters have used in their e-mail include costly consumer electronic goods, or a contract (wrongly spelled as "conract" in the e-mail) for high-end home refurbishment work, allegedly to be done on the home of recipient.

Actually, the spam e-mails seem to be messages confirming order.

Webroot explained that the fake e-mail has a ZIP attachment, which, if opened, looks as a Microsoft Word Document. However, it is a Trojan that if executed can cause severe damage to the user's PC.

The security firm has detected this malware as Trojan-Downloader-Tacticlol. This Trojan downloads at least a rogue anti-virus payload once the victim unzips the malicious attachment and activates the file. The download website is typically closed in a few days, thus neutralizing the Trojan and stopping it from retrieving anything.

Highlighting numerous infections associated with the spam e-mail, Webroot has advised users to follow some precautionary measures if, in case, they receive an unsolicited e-mail with an attachment.

In view of Andrew Brandt, Webroot's Threat Researcher, the legitimacy of the e-mail with an attachment should be confirmed by telephone or some other means, as per the news published by webuser.co.uk on May 18, 2010. He added that users should be trained enough to avoid activating an attached document with .exe file extension, whatever its appearance or origin may be.

Webroot highlighted that this scam has shifted from the typically used "shipping confirmation" bait to the one claiming that the contents of the e-mail attachment include a code that has a value of $50 on online store of Apple's iTunes.

It is worth noted that this latest spam attack has come in just a few days after a Bredolab distribution campaign generating fake e-mails was discovered by security researchers at MX Lab. It too appeared as order-confirmation e-mails coming from Amazon.

Related article: Amazon’s Customers Latest Target for Phishers

» SPAMfighter News - 6/1/2010