14 DAY TRIAL // Have you purchased anything from Amazon UK? If so, you better be on the lookout for malware-delivering emails that purport to represent order confirmations from Amazon.co.uk.
Sophos experts say that all the links from the notification point to the legitimate Amazon.co.uk website. However, the file that’s attached to the emails, “Your Order Details with Amazon.zip,” hides a Trojan horse detected by Sophos products as Mal/BredoZp-B.
Cybercriminals often forge Amazon notifications to trick unsuspecting users into visiting malicious websites or opening malicious attachments. Numerous advisories have already been published on this topic.
On the other hand, considering that a lot of people buy things from Amazon, the chances of at least some internauts to fall for the ruse are pretty high.
Users of popular services such as Amazon, PayPal and eBay should always be cautious when opening emails, since in many cases they might lead to phishing or malware-serving sites. Or, as in this case, they might carry malicious attachments.