New Locky ransomware campaign sets sights on Amazon customers

A new email phishing campaign discovered by Comodo Group is designed to tricky Amazon customers into downloading Locky ransomware.
A new email phishing campaign discovered by Comodo Group is designed to tricky Amazon customers into downloading Locky ransomware.

Amazon customers are the target of a wide-ranging phishing email scam intended to fool recipients into opening up a malicious attachment that results in the downloading of Locky ransomware.

Comodo Threat Research Labs detected the attack earlier this week, according to an article in Comodo's new Defend magazine. The seemingly benign email arrives with the sender email address auto-shipping@amazon.com, and the subject line: “Your Amazon.com order has dispatched,” along with an order code. The body is empty, but it's the attachment users have to look out for.

The attachment is a Word document containing malicious macro codes, which if enabled execute downloading of the Locky payload. Recipients are prompted upon opening the document to change Microsoft's settings to enable these macros – a tactic that has had a recent resurgence in popularity among cybercriminals.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS