Payment Accepted Emails – Don't Click

Uploaded on 2019-01-14 in NEWS-Cybersecurity News, FREE TO VIEW

Emails, which purports to be a ‘payment accepted” notification from an online store, claims that your order has been processed and yet you never ordered the item.  The email includes the supposed order number along with cost and delivery details for the purchase. The order numbers in the body of the email are clickable links.

Despite its appearance, however, the email is not a genuine order notification. Instead, it is a ruse designed to trick you into downloading malware.

The criminals who distribute the email hope that at least some recipients will mistakenly believe that their credit card has been used to make a fraudulent transaction online.  Those thus tricked may click one of the links in the email in the hope of finding out more about the supposed order.

But, clicking any of the links in the email downloads a .zip file. The zip file harbours malicious software that, if opened, will install malware on your computer.

The exact nature of the malware may vary. It may be ransomware which will lock up your computer files and then demand that you pay a fee to online criminals to get an unlock code. Or, it may be designed to steal passwords and other sensitive financial and personal information from your computer.

Note that details, such as the order number, the name of the online store, and the supposed cost may vary in different incarnations of the message.

Hoax Slayer:            Image: Nick Youngson

You Might Also Read:

Don't Underestimate The Impact Of Phishing:

 

 

« NASA Discloses A Data Breach
Breaking Down Five 2018 Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

EclecticIQ

EclecticIQ

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services.

UZCERT

UZCERT

UZCERT is the national Computer Emergency Response Team for Uzbekistan.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Data61

Data61

Data61 is Australia’s leading digital research network offering the research capabilities, IP and collaboration programs to unleash the country’s digital & data-driven potential.

Valtori

Valtori

Government ICT Centre Valtori provides sector-independent ICT services for the central government, while taking into account the special requirements related to security and preparedness.

Business Continuity

Business Continuity

Business Continuity delivers integrated IT solutions for cybersecurity, virtualization, cloud platforms and operational security solutions.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

24By7Security

24By7Security

24By7Security are Cybersecurity & Compliance Specialists with extensive hands on experience helping businesses build a defensive IT Infrastructure against all cyber security threats.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Blok Cyber Security

Blok Cyber Security

Blok provide small businesses and sole traders, with affordable, managed Cyber Security Packages that offer immediate protection and peace of mind.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Filigran

Filigran

Filigran provides threat intelligence, adversary simulation and crisis response open solutions to thousands of cybersecurity and crisis management teams across the world.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.