Mechling/Mechcom Support Group
I am getting emails from Amazon.com and delivery confirmation notices, why?
A couple of customers have contacted us about a flood of fake Amazon.com order confirmations they are receiving. The e-mail claims to originate from Amazon.com, and attempts to trick the user into clicking on a link which will then lead to obfuscated JavaScript and malware.
As an example:
-----
Dear Customer,
Your order has been sucessfully confirmed. For your reference, here's a summary
of your order:
You just confirmed order #2341-23483720-38123
Status: CONFIRMED
-----
At the end of the e-mail follows a link to a malware site, labeled "ORDER INFORMATION".
A number of different domains have been seen used so far.
This particular attack appears to be a new version of similar e-mails we have seen over the last year or so (see fake alert). The new version uses larger e-mail messages, which appear to be composed with Microsoft Word. Some may look like they are coming from places like UPS or DHL delivery, a Banking Institution like First Merit, Capitol One, etc. Don't be fooled, they are spam meant to mislead you into clicking on a link that will infect your PC.
If you have a spam filter as part of your anti-virus software, you can configure it to see these messages as spam and they will go directly to your spam box instead of your inbox.