Payment Accepted Emails – Don't Click

Uploaded on 2019-01-14 in NEWS-Cybersecurity News, FREE TO VIEW

Emails, which purports to be a ‘payment accepted” notification from an online store, claims that your order has been processed and yet you never ordered the item.  The email includes the supposed order number along with cost and delivery details for the purchase. The order numbers in the body of the email are clickable links.

Despite its appearance, however, the email is not a genuine order notification. Instead, it is a ruse designed to trick you into downloading malware.

The criminals who distribute the email hope that at least some recipients will mistakenly believe that their credit card has been used to make a fraudulent transaction online.  Those thus tricked may click one of the links in the email in the hope of finding out more about the supposed order.

But, clicking any of the links in the email downloads a .zip file. The zip file harbours malicious software that, if opened, will install malware on your computer.

The exact nature of the malware may vary. It may be ransomware which will lock up your computer files and then demand that you pay a fee to online criminals to get an unlock code. Or, it may be designed to steal passwords and other sensitive financial and personal information from your computer.

Note that details, such as the order number, the name of the online store, and the supposed cost may vary in different incarnations of the message.

Hoax Slayer:            Image: Nick Youngson

You Might Also Read:

Don't Underestimate The Impact Of Phishing:

 

 

« NASA Discloses A Data Breach
Breaking Down Five 2018 Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Actiphy

Actiphy

Actiphy provides a tried and proven backup and disaster recovery software solution to ensure business continuity at all times.

Bit4id

Bit4id

Bit4id provides software and systems for security and identification based on PKI technology.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

Firedome

Firedome

Firedome's tailormade solution for IoT companies is designed to proactively prevent, detect, and respond to inevitable vulnerabilities in connected devices.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Duality Technologies

Duality Technologies

Duality Technologies combine Advanced Cryptography with Data Science to deliver High-Performance Privacy-Protecting Computing to Regulated Industries.

PreCog Security

PreCog Security

PreCog Security is a US based cybersecurity risk mitigation company. We specialize in helping you find, minimize and manage vulnerability risk within your product, network and process.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Data Defenders

Data Defenders

Data Defenders provide information security technology solutions that empower consumers, businesses and governments with safe and secure IT and cybersecurity infrastructures.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

Zynap

Zynap

Zynap is an Advanced AI-powered SaaS platform replicating cybercriminal tactics to predict, detect, and neutralize threats before they strike.