Payment Accepted Emails – Don't Click

Uploaded on 2019-01-14 in NEWS-Cybersecurity News, FREE TO VIEW

Emails, which purports to be a ‘payment accepted” notification from an online store, claims that your order has been processed and yet you never ordered the item.  The email includes the supposed order number along with cost and delivery details for the purchase. The order numbers in the body of the email are clickable links.

Despite its appearance, however, the email is not a genuine order notification. Instead, it is a ruse designed to trick you into downloading malware.

The criminals who distribute the email hope that at least some recipients will mistakenly believe that their credit card has been used to make a fraudulent transaction online.  Those thus tricked may click one of the links in the email in the hope of finding out more about the supposed order.

But, clicking any of the links in the email downloads a .zip file. The zip file harbours malicious software that, if opened, will install malware on your computer.

The exact nature of the malware may vary. It may be ransomware which will lock up your computer files and then demand that you pay a fee to online criminals to get an unlock code. Or, it may be designed to steal passwords and other sensitive financial and personal information from your computer.

Note that details, such as the order number, the name of the online store, and the supposed cost may vary in different incarnations of the message.

Hoax Slayer:            Image: Nick Youngson

You Might Also Read:

Don't Underestimate The Impact Of Phishing:

 

 

« NASA Discloses A Data Breach
Breaking Down Five 2018 Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Versa Networks

Versa Networks

Versa is a software-defined networking vendor providing an end-to-end solution that both simplifies and secures the WAN/branch office network.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

HCL Technologies

HCL Technologies

HCL offer an integrated portfolio of products, solutions and services built around Digital, IoT, Cloud, Automation, Cybersecurity, Analytics, Infrastructure Management and Engineering Services.

QuickLaunch

QuickLaunch

QuickLaunch transforms how cloud-savvy institutions and companies manage human and device authentication, authorization, access control and integration.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

TrustGrid

TrustGrid

Trustgrid is a pioneer and leader in secure, cloud-native software-defined connectivity.

Security Risk Management (SRM)

Security Risk Management (SRM)

SRM provide a comprehensive security risk management service encompassing people, processes, technology, governance, compliance and risk management.

Securance Consulting

Securance Consulting

Since 2002, Securance has empowered enterprises to assume proactive security, compliance, and risk management strategies.

EDGE Group

EDGE Group

EDGE is one of the world’s leading advanced technology groups, established to develop agile, bold and disruptive solutions for defence and beyond.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

ZAG Technical Services

ZAG Technical Services

ZAG Technical Services is an award-winning information technology consulting firm delivering digital transformation solutions, IT assessments, managed services, security, and support.

Databarracks

Databarracks

Databarracks deliver award winning IT resilience and continuity services. We help organisations get the most out of the cloud and protect their data, wherever it lives.

SOCRadar

SOCRadar

SOCRadar is an Extended Threat Intelligence (XTI) SaaS platform that combines External Attack Surface Management (EASM), Digital Risk Protection Services (DRPS), and Cyber Threat Intelligence (CTI).