Although emails scams are something everyone should always be vigilant about, AppRiver has identified two specific Amazon phishing which are currently targeting the UK market, Tech Week Europe reports.
There are two phishing emails currently observed, one that has so far targeted 600,000 customers and another aimed at 160,000. Both have similar characteristics, including their mission with their attached malware: to harvest banking login, email and social media credentials.
The first, more prevalent, email mimics the standard Amazon dispatch email that will be familiar to millions of online shoppers, complete with an authentic sounding email heading, including a fake order reference. It has a Word document attached, which curious shoppers wondering what has been ordered on their account will feel tempted to open. The attachment itself contains a macro that, if allowed to run, will install a trojan dropper, which eventually attempts to download keylogging software to catch usernames and passwords of the victims.
The second fake email, that has so far only been caught 160,000 times, is subtly different and preys on the target's concern that they have already been defrauded by pretending to be an order confirmation on some intimidatingly expensive items. These emails look even more accurate to the untrained eye, containing actual graphics from the main site of the item(s) ordered.
This fake email differs from the first by having malicious links to compromised Wordpress sites, which then downloads a .scr file (e.g: _invoice1104.pdf.scr). This is another trojan dropper that will download more malware once the victim's computer is infected. Currently the malware is logging keystrokes, but the malware distributors could also download and install remote files, should they wish.
These scams are particularly popular during the busy Christmas season. For tips on what to look out for with suspicious email, our guide should prove helpful, or you can watch the video below.
2nix Studio / Shutterstock.com
