Waiting for a delivery from Amazon.com? Well, be careful if you receive a notification in your email – as it could be that hackers are trying to trick you into infecting your computer.
We’re intercepting a wave of forged emails which claim to come from , but unlike regular emails from the dot com giant they have a malicious file attached designed to run a Trojan horse on your computer.
In a seeming attempt to entice users to open the dangerous attachment, the emails have embedded inside them an image of a familiar half-opened Amazon branded package.
The emails have the following characteristics:
Subject:
Shipping update for your Amazon.com order 254-71546325-658732
Message body:
Shipping update for your Amazon.com order 254-78546325-658742
“[Image of Amazon package]
Please check the attachment and confirm your shipping details.
Attached file: Shipping documents.zip
Sophos detects the attached file as Troj/CryptBx-Zp and Mal/CryptBox-A.
As always, be sure that you have kept your computer’s defences up to date, and ensure that you never open unsolicited email attachments. An email can claim to come from a well-established brand like Amazon, but easily be a forgery created by hackers.
