Only, the latest variant of Amazon spam doesn’t just direct users to a pharmaceutical website like the bogus cancellation notices did.
No, instead the fake Amazon order confirmation messages will lead you straight to a malicious site that will attempt to install malware on your computer.
The Bait: Bogus Amazon Order Confirmation Email
Characteristics of the spam messages spotted in the wild:
- The sender's name is “Amazon.com.”
- Subject lines used: “Your Amazon.com Kindle e-book order confirmation” or “Your Amazon.com order confirmation.”
- The billing address, price and ordered item appear to be randomly generated.
- All of the embedded links point to third-party websites (compromised WordPress sites) and NOT Amazon.com.
The Attack: Courtesy of BlackHole Exploit Kit
Should you make the mistake of clicking on a link within a fraudulent Amazon order confirmation email, you will see a blank page reading:
“Amazon.com Order confirmation
Loading your book
Order ID: Loading…
Print Date/Time [timestamp]”
Meanwhile, the Blackhole exploit kit will work silently in the background, attempting to exploit vulnerabilities within the Microsoft Windows Help & Support Center, Adobe Flash Player, Adobe Reader and Adobe Acrobat to drop malware identified as TROJ_CRYPTOR.TH (TrendMicro) & Win32/AutoRun.Spy.Banker.P (NOD32) on your system.
Keeping Your PC Safe
To avoid falling for this attack, it is recommended that you:
- Keep your computer’s operating system and software fully patched with the latest updates.
- Always run antivirus software that offers real-time scanning and keep it up-to-date.
- Avoid clicking links within emails; type the URL of the website you want to visit directly into your browser address bar.
What to do with Amazon Spam
If you received this email or one similar to it:
- Do not click on any links.
- Report the email to Amazon.
- Delete the email.
Email Screenshot Credit: Webroot
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+