The Latest in IT Security

Amazon.com spam / cool-mail.net

09
Jun
2012

These fake Amazon.com spam emails lead to malware on cool-mail.net:

Date:      Fri, 8 Jun 2012 10:26:01 -0600
From:      Amazon.com ([email protected])
Subject:      Your Kindle e-book Amazon.com receipt.

Thanks for your order, xxxxxxxxxxxx!

Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.

Order Information:

E-mail Address: xxxxxxxxxxxx
Billing Address:
Av.
GAHANNA
United States
Phone: 1-564-536-5200

Order Grand Total: $ 89.99
   
Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More

Order Summary:
Details:
Order #:     Y32-4367039-9487640
Subtotal of items:     $ 89.99
    ——
Total before tax:     $ 89.99
Tax Collected:     $0.00
    ——
Grand Total:     $ 80.00
Gift Certificates:     $ 9.99
    ——
Total for this Order:     $ 89.99

The following item is auto-delivered to your Kindle or other device. You can view more information about this order by clicking on the title on the Manage Your Kindle page at Amazon.com.
The Witness by Nora Roberts [Kindle Edition] $ 89.99
Sold By: Random House Digital, Inc.

You can review your orders in Your Account. If you’ve explored the links on that page but still have a question, please visit our online Help Department.

Please note: This e-mail was sent from a notification-only address that cannot accept incoming e-mail. Please do not reply to this message.

Thanks again for shopping with us.

Amazon.com
Earth’s Biggest Selection

Prefer not to receive HTML mail? Click here

=================

Date:      Fri, 8 Jun 2012 21:55:42 +0530
From:      Amazon.com ([email protected])
Subject:      Your Amazon.com order confirmation.

Thanks for your order, xxxxxxxxxxxx!

Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.

Order Information:

E-mail Address: xxxxxxxxxxxx
Billing Address:
370 Id
GAHANNA
United States
Phone: 1-564-536-5200

Order Grand Total: $ 55.99
   
Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More

Order Summary:
Details:
Order #:     O10-8086470-1458769
Subtotal of items:     $ 55.99
    ——
Total before tax:     $ 55.99
Tax Collected:     $0.00
    ——
Grand Total:     $ 50.00
Gift Certificates:     $ 5.99
    ——
Total for this Order:     $ 55.99

The following item is auto-delivered to your Kindle or other device. You can view more information about this order by clicking on the title on the Manage Your Kindle page at Amazon.com.
The Promise: A Novel [Kindle Edition] $ 55.99
Sold By: Random House Digital, Inc.

You can review your orders in Your Account. If you’ve explored the links on that page but still have a question, please visit our online Help Department.

Please note: This e-mail was sent from a notification-only address that cannot accept incoming e-mail. Please do not reply to this message.

Thanks again for shopping with us.

Amazon.com
Earth’s Biggest Selection

Prefer not to receive HTML mail? Click here

The victim bounces through a random hacked site and is delivered to a malicious payload on [donotclick]cool-mail.net/main.php?page=640db37c90c88306 (report here) which is hosted on 84.106.114.97 (Ziggo, Netherlands).

Of some note is the fact that the domain is privacy protected.. normally they just supply fake details. Nameservers are provided by the ns1.grapecomputers.net (31.170.106.39, Bradler & Krantz, Germany) and ns2.grapecomputers.net (77.144.63.18, SFR, France).

The following domains are also associated with these malicious sites and should be avoided:
lifelovework.net
bestcompdefence.net
sitkatacotruck.com
yoursystemdefender.com

which are associated with several other scam and malware sites.

Leave a reply


Categories

MONDAY, DECEMBER 16, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments