12/04/2014
Just a friendly warning here about possible email scams for the holiday season:
Here’s a bit of what cybersecurity guru Brian Krebs has to say about how the Order Confirmation Scam works.
“If you receive an email this holiday season asking you to “confirm” an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.
“Seasonal scams like these are a perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that it’s easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25.”
In Krebs’ warning, “Be Wary of Order Confirmation Emails,” he includes replicas of Order Confirmation Scam emails purporting to be from Costco, Target, Home Depot and Walmart. It’s worth taking a look at those to get a concrete idea of how realistic they can appear. Krebs goes on to state:
“According to Malcovery, a company that closely tracks email-based malware attacks, these phony “order confirmation” spam campaigns began around Thanksgiving, and use both booby-trapped links and attached files in a bid to infect recipients’ Windows PCs with the malware that powers the Asprox spam botnet.
“Asprox is a nasty Trojan that harvests email credentials and other passwords from infected machines, turns the host into a zombie for relaying junk email…and perpetuates additional Asprox malware attacks. Asprox also deploys a scanning module that forces hacked PCs to scan websites for vulnerabilities that can be used to hack the sites and foist malware on visitors to that site. …
“Malcovery notes that the Asprox spam emails use a variety of subject lines, including “Acknowledgment of Order,” “Order Confirmation,” “Order Status,” “Thank you for buying from [insert merchant name here]”, and a “Thank you for your order.””
So, what should you do?
It’s fairly straight-forward.
“If you receive an email from a recognized brand that references an issue with an online or in-store order and you think it might be legitimate, do not click the embedded links or attachment. Instead, open up a Web browser and visit the merchant site in question. Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the transaction — information that can be used to look up the order status at the merchant’s Web site.”
