Mechling/Mechcom Support Group   

I am getting emails from Amazon.com and delivery confirmation notices, why?

 A couple of customers have contacted us about a flood of fake Amazon.com order confirmations they are receiving. The e-mail claims to originate from Amazon.com, and attempts to trick the user into clicking on a link which will then lead to obfuscated JavaScript and malware.

As an example:

-----
Dear Customer,

Your order has been sucessfully confirmed. For your reference, here's a summary of your order:

You just confirmed order #2341-23483720-38123

Status: CONFIRMED

-----

At the end of the e-mail follows a link to a malware site, labeled "ORDER INFORMATION".

A number of different domains have been seen used so far.

This particular attack appears to be a new version of similar e-mails we have seen over the last year or so (see fake alert). The new version uses larger e-mail messages, which appear to be composed with Microsoft Word. Some may look like they are coming from places like UPS or DHL delivery, a Banking Institution like First Merit, Capitol One, etc. Don't be fooled, they are spam meant to mislead you into clicking on a link that will infect your PC.

If you have a spam filter as part of your anti-virus software, you can configure it to see these messages as spam and they will go directly to your spam box instead of your inbox.