Malicious websites push malware with the aid of the BlackHole exploit kit

Jun 1, 2013 08:10 GMT

Earlier this week, a legitimate-looking order confirmation notification for a 55-inch Sony LED TV set, apparently coming from Amazon, landed in one of our inboxes. At the time, we didn’t make much of it because there weren’t any reports about a widespread spam campaign.

However, it turns out that the email is in fact part of a massive spam campaign designed to distribute a piece of malware.

Conrad Longmore of Dynamoo’s Blog has identified at least two malware-serving domains to which recipients of these phony Amazon order confirmations have been lured.

On Friday, security firm Bitdefender also published a report on the campaign.

According to Bitdefender experts, the product mentioned in the bogus order confirmations is always a 55-inch TV set, but its make and model differ from one email to the next.

Here are just a few of the subject lines identified by the security solutions provider:

- Amazon.com order of Vizio G55UH4030 55-Inch
- Amazon.com order of Sony S554P3030 55-Inch
- Amazon.com order of Akai NML55GUG030 55-Inch
- Amazon.com order of Samsung UN55HQ5010 55-Inch
- Amazon.com order of Toshiba TB55QX5030 55-Inch
- Amazon.com order of Sanyo I55TZ4050 55-Inch
- Amazon.com order of Panasonic UN55EH6010 55-Inch
- Amazon.com order of LG A55LG27020 55-Inch

The delivery addresses are from all across the US, including locations such as Annandale, AK; Los Altos, PA; Salem, DC; Pasadena, PA; Cohoes, NE; and Santa Barbara, WA.

As noted earlier, the links from these emails don’t point to Amazon.com, but to a website that’s set up to serve a piece of malware via the notorious BlackHole exploit kit.

The BlackHole exploit kit checks the victim’s software to see if it can find any unpatched vulnerability that it can leverage to push the malware through.

In case you come across such emails, be extra careful before clicking on the links. If you haven’t ordered a TV from Amazon.com, simply delete the email.

If you have ordered one, hover the mouse over the links and make sure they point to Amazon.com before clicking on them.
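
The same link check can be automated where mail is filtered. The script below is an added example, not code from the article, Dynamoo’s Blog or Bitdefender: it matches the subject pattern listed above and reports every link whose host is not Amazon.com or one of its subdomains. The function names, the trusted-domain list and the sample message (with placeholder `.example` hosts) are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Pattern derived from the subject lines listed in the article (assumes a one-word make).
SUBJECT_RE = re.compile(r"^Amazon\.com order of \S+ \S+ 55-Inch$", re.I)
TRUSTED = ("amazon.com",)  # assumption: domains accepted as genuine

class _Hrefs(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def host_is_trusted(url):
    """True only if the URL's host is a trusted domain or a subdomain of one."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme not in ("http", "https") or not host:
        return False
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def triage(raw_message):
    """Return (subject matches the campaign pattern, links not pointing to Amazon)."""
    msg = message_from_string(raw_message)
    subject = msg.get("Subject", "").strip()
    parser = _Hrefs()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    bad = [u for u in parser.hrefs if not host_is_trusted(u)]
    return bool(SUBJECT_RE.match(subject)), bad

# Constructed sample message; the .example hosts are placeholders, not campaign indicators.
SAMPLE = """\
Subject: Amazon.com order of Sony S554P3030 55-Inch
Content-Type: text/html; charset=utf-8

<a href="https://www.amazon.com/gp/css/order-history">Your Orders</a>
<a href="http://amazon.com.orders.example/track?id=1">Order details</a>
<a href="http://shop.example/amazon.com/index.html">Amazon.com</a>
"""
```

The host comparison is done on the parsed hostname rather than on the raw URL string, so a lookalike that merely contains "amazon.com" in a subdomain label, path or userinfo part is still reported.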