Cybercriminals Use Amazon Shipping Scam to Deliver Malware
Cybercriminals are taking advantage of online shoppers' last-minute gift buying habits with a new holiday hoax.
Researchers at the security company Sophos have noticed malware masquerading as legitimate e-mails from Amazon.com alerting users that they have an urgent issue to address regarding a package they ordered. The e-mails, which appear to originate from firstname.lastname@example.org (an address that Amazon actually uses to update customers regarding their orders ), contain the subject "Shipping update for your Amazon.com order" and include an attached .zip file.
But clicking on the link won't give people any information about a package instead, the link infects computers with malware that can steal personal information such as passwords.
This scam is particularly effective because, with Christmas so close, many people actually are waiting to hear about the status of their packages' delivery from Amazon.
Security experts recommend calling Amazon directly rather than clicking on a link, even if the e-mail address and logo appear to be real.
- New Breed of Malware Preys on Human Sympathy
- The Key to a Secure Password
- Security and Privacy Software Reviews