14 DAY TRIAL // Amazon customers in the UK should keep their eyes wide open when notifications from the online retailer hit their inbox because a malicious email campaign is targeting them.
The messages have been rigged with a malicious attachment under the form of a Microsoft Word document that leads to compromising the computer.
The document contains a set of macro instructions, which proceed to download a piece of malware.
Macros are snippets of VBA code that come in handy for automating frequently used tasks; however, they also present a security risk, and because of this, they are disabled by default in Office programs.
According to Online Threat Alerts, the website (weststarradio.co.uk) hosting the malware funneled in by the macro used in this campaign may have been compromised particularly for this purpose.
At the moment there is no analysis of the threat infecting the computers and there is no specific information about its purpose. However, if someone were to try to guess the type of nefarious activities it engages in, they would definitely include exfiltrating sensitive information such as account credentials.
Other forms of compromise could consist in making the system part of a botnet that can be used for sending malicious email to infect other computers, scan websites for vulnerabilities or carrying out distributed denial-of-service attacks against a specific target.