The email message below with the subject: "Your Amazon.co.uk order} 837-1171095-3201918," has malicious Microsoft Word document attached to it that will infect your Windows computer if you open it. The message was not sent by Amazon and was designed to trick the recipients into opening the malicious attachment, disguised as an invoice. So, if you receive the same email message, please do not attempt to open the attachment.
Please continue reading below.
The Virus Email Message
From: AMAZON.CO.UK [order @amazon.co.uk]
Date: 13 October 2014 08:32
Subject: Your Amazon.co.uk order} 837-1171095-3201918
Hello,
Thanks for your order. We’ll let you know once your item(s) have dispatched.You can view the status of your order or make changes to it by visiting Your Orders on Amazon.co.uk.
Order Details
Order #837-1171095-3201918 Placed on October 11, 2014
Order details and invoice in attached file.
Need to make changes to your order? Visit our Help page for more information and video guides.
We hope to see you again soon. Amazon.co.uk
The email message contains a Microsoft Word document with a name of random numbers. The document contains a set of Macro instructions that will download a malicious file from the following website:
-
weststarradio.co.uk/js/1.bin.exe
The malicious Microsoft Word document is dangerous to you if you open it and enable "Macros".
The website weststarradio.co.uk may have been compromised and the malicious file 1.bin.exe placed on it.
We found the following threats after scanning the malicious file:
-
MSIL5.VYV
-
Trojan/Win32.Inject
-
MSIL:GenMalicious-AUO [Trj]
-
Trojan.PWS.Panda.5676
-
Backdoor.Androm 20141015
-
Spyware.ZeuS.Dyn
-
BehavesLike.Win32.Backdoor.dh 20141015
-
Troj/Msil-ANY
The cybercriminals behind these malicious email messages aims are to trick the curious recipients into opening the malicious attachment, which will infect their computers with a virus or Trojan horse.
Once your computer has become infected with this malicious Trojan horse, the cybercriminals behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.
Now, if you have already opened the malicious attachment, please do a full scan of your computer with the antivirus software installed on it. The name of the attachment may change, so be careful when opening email attachments.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.
Click here for a list of email attachments you should never open, regardless of where they came from.
For a list of other virus email messages, please click here.
This virus email message is related to the following:
Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.
Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com
Also, report scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.
If you want to quickly find answers to your questions, use our search ![]()
engine.
Remember to help us, help you, by donating. 🎁Click here to donate
Please continue reading below.