bill-swift - June 24, 2012
Email scams are pretty easy to pick out and identify. As far as scams go, they're pretty transparent in the sense that they don't always get your information right. For example, if you get notifications from Classmates.com and it's addressed to someone else, then that's probably not yours. Or it's a scam, through and through.
That in itself as a huge warning sign, so if the alarms ring, it's time to hit the 'Spam' button and delete that message. More emails of this kind are currently on the loose, like these emails purportedly from Amazon.com that will redirect users to malicious and compromised websites.
Experts from security firm GFI have come across these emails, reporting that they're usually sent out with a subject that reads: "Your Amazon.com order confirmation" from a sender named Amazon.com. Yes, that's right; "Amazon.com" is the sender name, not the address.
The spammers behind this scam aren't so bright, however, as they've addressed the emails to multiple recipients. No online store does that, and especially not retailing giant Amazon.
All links in the email body, apart from the linked email address, lead users to the same HTML page that are hosted on various legitimate but compromised WordPress domains.
-- Jovi Umawing, security expert at GFI
The compromised URLs contain the Blackhole exploit code, which grants cyber criminals access to your computer remotely so they can get your information, steal your stuff, and maybe even turn your machine into a botnet.
So here's what you should do: install an anti-virus program if you haven't already, keep it updated, and do a check on all your current software, especially those from Adobe, to make sure they're all patched up and up-to-date.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.