Virus alert: “Amazon Local order”

Here is an example of a recent new virus. In this email, you can see that the message appears to come from Amazon Local. It contains an attachment that is supposed to be the order details:


Trojan downloader

However, the attachment has a long filename. It starts with “report_id_” and is followed by a long number:

Attachement that does not show the file extension

 

Then it ends with “.exe” which means that it is some kind of program! We should assume that it is a malicious program!
Clicking on this link will activate a Trojan downloader that will infect your computer.


Attachment that does show the file extension: program!
Attachment that does show the file extension: “.exe” – a program!

The best thing to do is to delete this message immediately.

If by any chance you have clicked on this link (or any link similar to this) you should do a “system restore” as soon as possible to revert the operating system to an earlier date. (Our program Magen has a button for that.) This will prevent viruses from running on your computer until your antivirus program is updated with the virus signature. (It usually takes about 3 weeks for antivirus programs to catch up with new viruses.) When your antivirus program is updated it will then remove the virus corpse.

Be “Malware Vigilant!” Better safe than sorry.

The message transcript:
“How do you do,,
Thank you for your order. We’ll let you know once your item(s) have dispatched.You can view the status of your order or make changes to it by visiting Your Orders on Amazon.com.
Order Details
Order R:121216 Placed on June 28, 2014
Order details and invoice in attached file.
Need to make changes to your order? Visit our Help page for more information and video guides.
We hope to see you again soon. Amazon.com”