Microsoft warns internet users for Amazon emails that try to infect computers with ransomware. With Black Friday and Cyber Monday coming up, cybercriminals hope more users are susceptible for opening an attachment coming from a popular online retailer.
In this case the malcious emails appear to be from Amazon and state that the order has been sent out. The criminals behind the scam have tried to make the mail look as legitimate as possible and the mail has a .ZIP file attached that 'contains information about the order'.
In reality it contains a Javascript file with obfuscated code that is known a Nemucod, a Trojan downloader that will download the Locky ransomware to the computer that will start to encrypt files on the computer.
"We see it every year: social engineering attacks that take advantage of the online shopping activities around Black Friday and Cyber Monday, targeting customers of online retailers", Duc Nguyen and Wei Li write in a blog on Microsoft's website.
As usual, Microsoft advises to not open emails and especially attachments from unknown addresses. Amazon also has a helpful page that can assist in identifying between a legitimate and fake email from the online retail giant.
