Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishing E-mails Using Ocado’s Name Spreading

Scammers impersonating Hatfield, United Kingdom headquartered Ocado an online supermarket are distributing persuasive e-mails relating to purchase orders while their attachments are fake receipts containing malware.

Understandably, the scammers have hit several thousand inboxes following calls swamping the customer service of the retailer wherein puzzled people who're buyers/non-buyers told they got the e-mail.

Actually, sender's id of the e-mail is spoofed to look like the message is from "Ocado customer services <customerservices@ocado.com>".

Naturally, users viewing the attached files in the phishing electronic mail downloaded malicious software onto their PCs.

The attachment known with the name 'receipt.doc' is reportedly a Word document having malevolent macro which pulls down the Trojan.

The malevolent Word document has either of the names -W97M.Downloader.ACK, LooksLike.Macro.Malware.gen!d3 (v), Troj/DocDl-ADW, W2KM_DRIDEX.XDH or W97M.DownLoader.672.

According to MX Lab the security company, out of the 56 anti-virus engines 17 have spotted the malevolent Microsoft Word document.

A particular victim Jackie Farmer explained the situation the way her husband replied the fake e-mail understanding the shopping order was authentic.

Mrs. Farmer told the agent of customer service she had viewed the attachment to which the service said she needn't get worried.

However, after some hours the same day, the Farmers' commercial bank account showed a debit entry of 14,000 pounds. Only when certain PC engineer detected the fraudulent electronic mail supposedly from Ocado that it registered with Mrs. Farmer what had occurred.

The incident annoyed Mrs. Farmer because Ocado hadn't posted on its website immediately after it perceived the fraudsters' impersonation, as well as that agents at the customer service were not properly trained.

Disturbingly, a phishing e-mail scam exploiting the brand-name of a store isn't unknown, emphasize security researchers. For, during the 1st-week of April 2015, one departmental store with many outlets, JC Penney situated at Plano, Texas (USA) urged clients towards safeguarding themselves when online, since some clients informed of getting fake solicitations through either e-mail, phone call, postal mail, website or text message abusing JC Penney's brand-name. The fake e-mail pledged one shopping voucher worth $500 to the recipient who responded to a survey, while used the spelling of the store as 'JC Penny.'

» SPAMfighter News - 11/9/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page