Bogus Amazon Order Email Brings Ransomware

 Analysis by: Cedrick Ramos

A spam campaign has been discovered to be leveraged by ransomware authors to deceive unwitting users. The spammed message is using the popularity of online shopping giant Amazon to send the recipient a bogus order email that contains various URLs. It informs the recipient that the order is already on its way and further details can be found in the embedded links, which download malicious files. The links are detected as 'Dangerous - Ransomware/Phishing'.

Telltale signs of a spoofed email are tough to detect in this kind of spam that mimics Amazon's order template. Users, then, are advised to routinely inspect their emails and check the URLs and attachments before clicking on them.
 SPAM BLOCKING DATE / TIME: September 13, 2017 GMT-8
 TMASE INFO
  • ENGINE:8.0
  • PATTERN:3328