“We Can Not Charge Your Credit Card” Emails Spread Malware

A confusing email is making the rounds, pretending to come from UPS, but carrying an attachment that supposedly contains an invoice from Amazon.

Here’s what the email entitled “We can not charge your credit card” looks like:

Your credit card was blocked.

We tried to withdraw money from your credit card, but your bank decline it. In the attachment you will be found a invoice from your last order. Please pay this invoice as soon as possible.

Conditions of Use Privacy Notice 1996-2012, Amazon.com, Inc. or its affiliates

The attachment is a .htm file that’s designed to download a script from the kefrikin.ru domain, Conrad Longmore notes on Dynamoo’s Blog .

The malicious element that’s served by the Russian site – identified by ESET as a version of the Kryptik Trojan - attempts to exploit vulnerabilities in Adobe Reader, Acrobat and the Windows Help Center.

We advise all internauts to keep their antivirus solutions up to date and to avoid such emails, since they can pose a great threat to their computers.