A couple of malicious Discovery Card emails have been making the rounds for the past few days, attempting to trick recipients into clicking on links that point to malware-serving websites.
They both purport to come from “Discover Account Notes.” One of them informs recipients of “detail changes” and the other one is entitled “Substantial Information about your Discover Account.”
According to Dynamoo’s blog, the links from the notifications point to various domains that have been set up to serve malware. Some examples are:
Here are some excerpts from both emails, so you know what to lookout for. They’re basically the same, but with minor differences.
“Honored Discover Client, There is an serious message waiting for you from Discover® card. Please read the message mindfully and keep it with your file. To ensure optimal privacy, please log in to view your message at Discover.com. Please click on this link if you have forgotten your UserID or Password,” one of them reads.
The second one says, “There is an important message waiting for you from Discover® card. Please read the message carefully and keep it with your archive. To ensure optimal privacy, please sign in to read your data at Discover.com. Please visit discover.com if you have forgotten your Login ID or Password.”