SophosLabs is intercepting a large amount of malicious spam at the moment, disguised as an email from Amazon.com.
The emails claim that the recipient has ordered a Sony VAIO A1133651A, and that documentation for tracking the delivery can be found in the file attached to the email.
However, this file (track.zip) contains a malicious Trojan horse – designed to infect Windows computers with fake anti-virus software (also known as scareware).
Of course, this tactic is nothing new. But clearly cybercriminals think it is still an effective route to achieve their goal – to infect as many computers as possible with their malware.
A typical email has the following characteristics:
Subject: Thank you for setting the order No.538532
Message body:
Dear Customer!
Thank you for ordering at our online store.
Your order: Sony VAIO A1133651A, was sent at your address.
The tracking number of your postal parcel is indicated in the document attached to this letter.
Please, print out the postal label for receiving the parcel.
Attached file: track.zip
Sophos detects the malware as Troj/FakeAV-BAH. Remember to always be suspicious of unsolicited email attachments that you receive out of the blue, and be sure to keep your anti-virus protection and other security systems updated.
