Widespread fake Amazon orders lead to PDF malware

July 22nd, 2010 by Avi Turiel | Category: Email Security, Web Security

Well-crafted emails mimicking Amazon order confirmations have been detected in large quantities in the past week. The Amazon logo and “your account” button load their image files directly from the Amazon website. The email includes twelve links designed to motivate recipients to click:

  • More information about an Amazon Visa card
  • The ordered items are not shown and are linked instead
  • The identity of “ordered by:” requires a click
  • Perhaps intentionally, the order amounts do not add up, leading a recipient to seek clarification by clicking on the order number
  • The header and footer of the message include “your account”, “Help department”, and “amazon.com” links

The links all lead to short-lived websites hosting malicious PDF files. The PDF file is opened within an iframe and is therefore launched without user approval. This final aspect highlights the importance of having a Web security solution to protect users.
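A detection heuristic for the pattern described above, written as an added example (not code from the original post): it flags an HTML message whose images load from the brand's real domain while its links point elsewhere. The sample message and the domain `shop.example.net` are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAIN = "amazon.com"  # brand the message claims to come from

# Constructed sample (not taken from the campaign): brand images hotlinked
# from the real site, while most links point to a placeholder domain.
SAMPLE_HTML = """
<html><body>
<img src="http://www.amazon.com/images/logo.gif">
<a href="http://shop.example.net/order.php?id=1"><img src="http://www.amazon.com/images/your-account.gif"></a>
<p>Order # <a href="http://shop.example.net/order.php?id=2">102-0000000-0000000</a></p>
<a href="http://www.amazon.com/help">Help department</a>
</body></html>
"""

def host_of(url):
    """Lower-cased hostname of a URL, or '' for relative/mailto links."""
    return (urlsplit(url).hostname or "").lower()

def in_domain(host, domain):
    # Exact match or true subdomain; "amazon.com.example.net" must not pass.
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collects hostnames of image sources and link targets."""
    def __init__(self):
        super().__init__()
        self.image_hosts, self.link_hosts = [], []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "img" and attrs.get("src"):
            self.image_hosts.append(host_of(attrs["src"]))
        elif tag == "a" and attrs.get("href"):
            self.link_hosts.append(host_of(attrs["href"]))

def analyze(html, brand=BRAND_DOMAIN):
    c = LinkCollector()
    c.feed(html)
    brand_images = [h for h in c.image_hosts if in_domain(h, brand)]
    off_brand = sorted({h for h in c.link_hosts if h and not in_domain(h, brand)})
    return {
        "brand_images": len(brand_images),
        "links": len(c.link_hosts),
        "off_brand_link_hosts": off_brand,
        # Brand artwork from the real site plus links elsewhere is the signal.
        "suspicious": bool(brand_images) and bool(off_brand),
    }

if __name__ == "__main__":
    print(analyze(SAMPLE_HTML))
```

The heuristic only scores the message body; the iframe-launched PDF on the landing site still has to be caught at the web gateway.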
