Fake Amazon Local Emails Deliver Malware
Beware of an email in circulation claiming to be from Amazon Local, which mentions invoices for an order you never actually made.
If you buy a lot of goods from Amazon there’s always the possibility you might fall for this one in the general deluge of legitimate payment confirmation emails.
The mail reads:
Thank you for your order. We’ll let you know once your item(s) have dispatched. You can check the status of your order or make changes to it by visiting Your Orders on Amazon.com.
Order QL7770203 Placed on May 15, 2014
Order details and invoice in attached file.
Need to make changes to your order? Visit our Help page for more information and video guides.
We hope to see you again soon. Amazon.com
Note that the email mentions the order was placed on the 15th, which adds to the illusion of “Wait…did I actually order this but forget about it?”
The attachment is called order_id.zip, though it had already been scrubbed from the service it was sent to up above so we can’t give more information on it at this time.
You can see more examples of what appear to be related campaign mails over on this CISCO alert.
As with all fake order mails, be very cautious around attachments and if there’s an order you’re not sure about then login to Amazon or [merchant x] and see if you actually are missing a delivery.
Chances are, the only thing waiting in your mailbox is some malware.