Fake Amazon Emails Circulates Malware

Recently, security researchers at Sophos alerted netizens that a new series of forged mails that seems to be shipment updates sent from Amazon but in actual are autorun worm are making rounds on the internet.

The subject line of the fake e-mails messages reads "Shipping update for your Amazon.com order". Besides, the e-mail header are spoofed so that it appears that the mails are sent from a order i.e. update@amazon. The body of the email bears the same text as provided in the subject line along with an supposed order number and instruction for checking the enclosed attachment and confirming all shipment details.

An Amazon advertisement banner, which must probably be replicated from a legitimate e-mail sent by Amazon is also in the body text of the e-mail, along with an image of an open box.

The attachment in the email carries the title, "Shipping documents", but security researchers at Sophos, have warned of malicious executables, which were identified as W32/AutoRun-BHY on it. A click on the link, instead of providing package information to people infects their PCs with malware that can take out all personal details including passwords.

This scam is effective particularly when Christmas is knocking at the door, and so many people are eagerly waiting to know their package delivery status from Amazon.

Order shipments from Amazon are comparatively a general theme for fake infected e-mails, commented the experts, which may not be as dangerous as DHL or UPS, but sufficient to infect a large number of netizens.

Even if an email address or a logo seems to be real, it is recommended by security experts to
consult Amazon directly rather than clicking on a link.

Cold hearted cyber criminals are always waiting for an opportunity so even if it is Christmas, it hardly matters to them. They just want to make their fortune by infecting PCs and fulfill their own motives, as published in news on Company's blog on December 17, 2010.

Users are recommended to deal with their emails prudently, particularly those that are carrying an attachment, despite their origin. They can also run multi-engine antivirus scan services such as, Virus Total to find out whether a file is malicious.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 12/30/2010