Application security, Malware

New Locky ransomware campaign sets sights on Amazon customers

Amazon customers are the target of a wide-ranging phishing email scam intended to fool recipients into opening up a malicious attachment that results in the downloading of Locky ransomware.

Comodo Threat Research Labs detected the attack earlier this week, according to an article in Comodo's new Defend magazine. The seemingly benign email arrives with the sender email address [email protected], and the subject line: “Your Amazon.com order has dispatched,” along with an order code. The body is empty, but it's the attachment users have to look out for.

The attachment is a Word document containing malicious macro codes, which if enabled execute downloading of the Locky payload. Recipients are prompted upon opening the document to change Microsoft's settings to enable these macros – a tactic that has had a recent resurgence in popularity among cybercriminals.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.