Malware Watch: Malicious Amazon themed emails in the wild

Malware Watch: Malicious Amazon themed emails in the wild

Summary: A currently spamvertised malware campaign is brand-jacking Amazon.com, in an attempt to trick end users into visiting a client-side exploits serving URL.

SHARE:

A currently spamvertised malware campaign is brand-jacking Amazon.com, in an attempt to trick end users into visiting a client-side exploits serving URL.

The campaign, is related to fake Amazon order confirmations, and Twitter password reset campaigns, and is part of a systematic attempt to impersonate well known brands - a well proven technique resulting in tens of thousands of clicks from socially engineered users.

- Sample subject: Amazon.com: Please verify your new e-mail address

- Sample message: "Dear email, You recently changed your e-mail address at Amazon.com. Since you are a subscriber of Amazon.com Delivers E-mail Subscriptions, you will need to verify your new e-mail address. Please verify that the e-mail address email belongs to you. You can click on the link below to complete the verification process. Alternatively, you can type or paste the following link into your Web browser: http://www.amazon.com"

Go through related Malware Watch posts:

Windows users are advised to take basic precautions such as switching to an alternative PDF reader, ensure they are not running outdated 3rd party applications and plugins, consider the use of least privilege accounts, a securely configured modern browser, or isolate their Internet activities in order to mitigate the risk.

Topics: Malware, Amazon, Collaboration, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

12 comments
Log in or register to join the discussion
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    So where DO those nefarious links go? I'm just curious, not that I want the complete URL! I've seen a lot of phishing sites/spam going back to top level domains in .ru and .ir . Also, the (c) 1995-2006 might expose some of the sloppiness of those criminals!
    randysmith@...
    • RE: Malware Watch: Malicious Amazon themed emails in the wild

      @randysmith@... the one I received this morning went to a .ru address, which is what gave it away. I had recently ordered from Amazon, so I was almost fooled. Fortunately, I watch my status bar before clicking any email links, not a perfect solution, I know, but it often allows me to quickly detect and deal with phishing spam.
      cburkitt2
      • RE: Malware Watch: Malicious Amazon themed emails in the wild

        @cburkitt2 When you said "it often allows me to quickly detect and deal with phishing spam." I'm wondering how you deal with it? You mean reporting it as a phishing website? I'm an Amazon customer and whenever I'm in Hotmail, sometimes other places, all manner of ads (with a black background) pop up. Mostly they are about i Tunes or Walmart and have an Amazon URL. Are those the same ads with the black background you're experiencing? What can I do to stop this from happening? Thank you.
        Damsel_in_reCaptcha_Distress
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    I've actually put an OUTbound block on my wireless router to prevent accessing any ".ru" domains... And the router log files occasionally reveal websites which are just LOADED with outbound link attempts in that direction. Worth considering...
    flared0ne
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Amazon.com is a site you cannot trust. They allow people to hack it. I had a seller account which they suspended because they claim I have two seller accounts. I have tried to explain to them over and over I DO NOT, but they keep sending the same lies back to me
    dajones3
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Watch The Obama Deception Movie based on Facts alone of the criminal president barack obama the puppet of the new wolrld order and traitor of Ameria.copy link here.http://www.youtube.com/watch?v=eAaQNACwaLw Also go to Infowars.com to get your news you will not get the real news on tv all you get is fluf peices on people like lindsay lohan and tigerwoods. then lies when it comes to anything else and worse a total complete media black out which is every day.
    max597
    • RE: Malware Watch: Malicious Amazon themed emails in the wild

      @max597
      Are you off your meds or on drugs? And what does this have to do with malware emails anyhow?

      Be a smart user, dont believe everything you are told in an email, or on an online blog, or youtube.
      ryanstrassburg
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Alex Jones on RT: Government Cyber Invasion




    Russia Today
    July 16, 2010

    Is the United States government or outside forces the real threat to cyber security? Alex Jones says that the government is trying to silence free speech in America by expanding their reach on the internet. He also says his own personal sites have been censored, even deleted http://www.youtube.com/watch?v=avHkSzHx2zA
    max597
  • ThreatSTOP blocks the dropper sites

    Our users were protected pretty immediately, and the rest of the providers are now catching up.
    http://twitter.com/threatstop
    tomb@...
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Our biggest supporter of the fact that obama was born in kenya and not our president cause you cant be prez if your not born here is his wife michelle obama with her slip of the tounge in this short video.http://www.youtube.com/watch?v=proi6NFdKVs
    max597
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Bush 1 Killed JFK & Bush 2 Killed JFK, Jr - Back to Back movies.---------------------------------------------------------------------------------------------------------------http://dulyconsider.blogspot.com/2007/03/bush-1-killed-jfk-bush-2-killed-jfk-jr.html
    max597
  • RE: Malware Watch: Malicious Amazon themed emails in the wild

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">sesli sohbet</a> <a href="http://www.yuregininsesi.com">sesli chat</a>
    yarinsiz