14 DAY TRIAL // Pizza Super Supreme, Pizza Veggie Lover’s, Pizza Ultimate Cheese Lover’s and drinks. Before you stir up your appetite, you should be warned that all these delicious pizzas are actually featured in the latest malware spreading spam campaign. Internet users may be presented these days with a fake pizza order that claims they have to pay a total of $107 (75 EUR). The crooks are relying on the confusion created to make their victims rush to press the Cancel Order Now link, which will redirect them to a malicious website.
“If you haven’t made the order and it’s a fraud case, please follow the link and cancel the order. If you don’t do that shortly, the order will be confirmed and delivered to you,” reads the bottom part of the message.
The malicious websites the user is redirected to are actually legitimate websites that were compromised to further redirect him to a malevolent domain in Russia, reports Commtouch Café.
The cleverest thing about this scheme is the way the pieces of malware are served to the unsuspecting internaut. A malware generator scans the system to determine what operating system it runs, what browser is utilized and what other potentially vulnerable components may be present.
The site is prepared to serve a cocktail of malware for almost any platform, using weaknesses that might be present in Java, Acrobat Reader, Flash and other known vulnerable extensions.
The name of the pizzeria can differ from one variant of the mail to the other, but they’re usually Italian names such as Graziano’s, Ulderico’s, Benvenuto, or Porfirio. The names and the ingredients of the pizzas may also change, but the final result is basically the same and the user is still taken in the end to a cleverly set up location.
To make sure you don’t fall victim to these attempts, delete the email as soon as you see its contents. If you already fell for the scam, run a complete system scan using an up-to-date antivirus solution.