Is Amazon sending you a Sony Bravia? Beware the malware attack

Amazon Sony Bravia
Have you received an email from Amazon about a purchase of a Sony Bravia television?

If so, it’s possible that you are in the gunsights of hackers behind a malware attack which is being seen around the world which is striking thousands of people who have shown no interest in ordering a new Sony television from the popular online store.

Bogus emails, which pretend to come from a manager at Amazon, thank you for shopping at Amazon.com and say that a Sony Bravia TV is winging its way to your address.

Malicious Amazon tracking email

Sign up to our free newsletter.
Security news, advice, and tips.

Subject: Your order has been paid! Tracking NR:26958-480
Attached file: AMAZON_LABEL_07_07-2010.zip
Message body:

Good morning,

Thank you for shopping at Amazon.com!

We have successfully received your payment.

Your order has been shipped to your billing address.

You have ordered ” Sony Bravia S3262 ”

You can find your tracking number in attached to the e-mail document.

Print the postal label to get your package.

We hope you enjoy your order!

Maricela Ruffin, Amazon

The emails (which use slight variations in the subject line, the name of the alleged Amazon employee, and the model number of the Sony Bravia television) contain an attached file called AMAZON_LABEL_07_07-2010.zip.

If you’re befuddled by the email in your inbox out of the blue then the most natural thing in the world might be to open the attachment in an attempt to determine what’s going on – especially if you’re worried your credit card may have been erroneously charged for some expensive TV hardware.

And that’s where you would be making a big mistake. The emails are, of course, malicious. Sophos detects the ZIP file as Mal/BredoZp-B and the code contained within as Mal/Koobface-G, potentially putting your computer and associated social networking accounts at risk of compromise.

This isn’t a new trick for cybercriminals to use of course. In the past we’ve seen other dangerous emails posing as Amazon shipment updates – an order for a Sony VAIO laptop computer, for instance.

And you thought repeats on TV were boring… in the malware world it’s even more repetitive.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.