IT security experts warned internet users yesterday to be wary of emails claiming to come from Amazon that threaten to delete more than 300 pounds sterling from recipients' credit cards.
The mails are actually acting as a vector for the Clagger-K trojan, which if activated by unwitting recipients, could allow a remote hacker to take full control of their PCs.
The spam emails, which are spreading globally, typically have the following characteristics:
"From: Amazon.co.uk Subject: Your payment done.
We're writing to let you know that we've initiated a transfer from your bank account
(Last 4-digits: 0402) for the following amount:
GBP 313.14 (ORDER #0220873 , DATE #20.03.2006)
Funds should leave account in approximately three to five working days.
See your statement details in attachment.
To review your account at any time, please access your Account Summary If you have any questions or concerns regarding this settlement, please contact us at firstname.lastname@example.org
Amazon.co.uk Marketplace -- Amazon Services Europe S.a.r.l. Sell Your Stuff
Attached file: STATEMENT_#0220873.exe"
"These emails do not really come from Amazon, and clicking on the attached file will install a malicious trojan horse on your computer," said Graham Cluley, senior technology consultant at Sophos. "Once it has slipped under your radar, this trojan is capable of downloading further malicious code from the internet, giving hackers access to your PC. A real message from Amazon would never contain an attached executable file, and people should always think carefully before running unsolicited code on their computer."