15 May 2013
Malware delivered in fake Amazon.co.uk e-mails
Unsuspecting users are being warned to look out for fake Amazon.co.uk e-mails that appear to be sent by Amazon about a recent order but actually contain malware that could infect your computer.
The e-mails have the subject title, Your Order with Amazon.co.uk and appear genuine. It is disguised to trick unsuspecting users into opening the attached file, Your Order Details with Amazon.zip, which contains a trojan horse, identified by Sophos as Mal/BredoZp-B.
This e-mail was not sent by Amazon and could easily confuse customers of the web site that may be wondering what’s possibly been ordered with their account.
Here is a screenshot of a typical e-mail message seen by SophosLabs:
What’s interesting about this particular scam is the e-mails not only look genuine but clicking any of the links contained within the message will actually direct you to the genuine Amazon UK web site. It is clear the criminals behind this scam are only interested in infecting your computer with malware, rather than phishing for your information.
Free anti-malware tools
You can help reduce the threat of malware like this by using up-to-date antivirus software and anti-spyware tools. It is important to make sure that your software is regularly updated with the latest definitions and that you run a scan at least once a week. You can find free security tools in this article.
I also strongly recommend that you keep Microsoft Windows up-to-date with the latest Windows Updates to benefit from security patches.