Security Threat

Fake Amazon Local Emails Deliver Malware

Beware of an email in circulation claiming to be from Amazon Local, which mentions invoices for an order you never actually made.

If you buy a lot of goods from Amazon there’s always the possibility you might fall for this one in the general deluge of legitimate payment confirmation emails.

Fake Amazon mail

The mail reads:

Order Details

Good evening,
Thank you for your order. We’ll let you know once your item(s) have dispatched. You can check the status of your order or make changes to it by visiting Your Orders on

Order Details
Order QL7770203 Placed on May 15, 2014

Order details and invoice in attached file.

Need to make changes to your order? Visit our Help page for more information and video guides.

We hope to see you again soon.

Note that the email mentions the order was placed on the 15th, which adds to the illusion of “Wait…did I actually order this but forget about it?”

The attachment is called, though it had already been scrubbed from the service it was sent to up above so we can’t give more information on it at this time.

You can see more examples of what appear to be related campaign mails over on this CISCO alert.

As with all fake order mails, be very cautious around attachments and if there’s an order you’re not sure about then login to Amazon or [merchant x] and see if you actually are missing a delivery.

Chances are, the only thing waiting in your mailbox is some malware.

Christopher Boyd

  • Pingback: A Week in Security (Jun 22 – 28) | Malwarebytes Unpacked

  • fairplay08

    Thanks for the info, Christopher. I order a lot of stuff from Amazon and this is very helpful. Have a great day and 4th of July! Vicki

  • mjiu

    I have this email message available if anyone wants to look at it. I know someone who opened it, which then unleashed a **** storm of Internet Explorer shenanigans along with application errors. Then it emailed to others in the inbox.

  • James Thomas

    Why won’t the US Government stop this and similar massive cyberattacks on its citizens? If it can snoop on every email, you can be darned sure it could shut this nonsense down in a heartbeat. Yet it refuses to do so. Why?

  • Petitorenji

    I keep getting these!!! Thanks for the update.

Subscribe to our YouTube Channel