Malware Watch: Malicious Amazon themed emails in the wild

A currently spamvertised malware campaign is brand-jacking Amazon.com, in an attempt to trick end users into visiting a client-side exploits serving URL.

The campaign, is related to fake Amazon order confirmations, and Twitter password reset campaigns, and is part of a systematic attempt to impersonate well known brands - a well proven technique resulting in tens of thousands of clicks from socially engineered users.

Read More:

Malware Watch: Malicious Amazon themed emails in the wild | ZDNet

Go through related Malware Watch posts:

• Malware Watch: iTunes gift certificates, Skype worm, fake CVs and greeting cards
• Malware Watch: Skype exploit, Skype-themed malicious spam campaigns detected
• Malware Watch: Adobe zero day attack, malicious FIFA-themed spam, exploit serving Virus Alerts

Windows users are advised to take basic precautions such as switching to an alternative PDF reader, ensure they are not running outdated 3rd party applications and plugins, consider the use of least privilege accounts, a securely configured modern browser, or isolate their Internet activities in order to mitigate the risk.

If you do happen to get email from Amazon (I do) ... right click on the subject and choose "View full header". Make sure you see X-Originating-IP: [207.171.164.47]

IP Information for 207.171.164.47

IP Location: United States Seattle Amazon.com Inc Resolve Host: mm-notify-out-2103.amazon.com IP Address: 207.171.164.47

OrgName: Amazon.com, Inc.
OrgID: AMAZON-4
Address: 605 5th Ave S
City: SEATTLE
StateProv: WA
PostalCode: 98104
Country: US

Borg 386 said:

A currently spamvertised malware campaign is brand-jacking Amazon.com, in an attempt to trick end users into visiting a client-side exploits serving URL.

The campaign, is related to fake Amazon order confirmations, and Twitter password reset campaigns, and is part of a systematic attempt to impersonate well known brands - a well proven technique resulting in tens of thousands of clicks from socially engineered users.

Read More:

Malware Watch: Malicious Amazon themed emails in the wild | ZDNet

Go through related Malware Watch posts:

• Malware Watch: iTunes gift certificates, Skype worm, fake CVs and greeting cards
• Malware Watch: Skype exploit, Skype-themed malicious spam campaigns detected
• Malware Watch: Adobe zero day attack, malicious FIFA-themed spam, exploit serving Virus Alerts

Windows users are advised to take basic precautions such as switching to an alternative PDF reader, ensure they are not running outdated 3rd party applications and plugins, consider the use of least privilege accounts, a securely configured modern browser, or isolate their Internet activities in order to mitigate the risk.

Borg, thanks for the heads up!