In the past week and a half, I’ve received nearly a half dozen emails claiming to be from Amazon.com. They are definitely not from Amazon.com but they may fool some people into thinking that they are. They claim to be confirming an order which I supposedly placed but which I know to be bogus. the email invites me to click on an attachment with a file name like report.zip. The zip file contains a file ending with .pdf.exe. If your computer is set to hide extensions for known file types, you may think that the file is a .pdf file. It’s not; it’s an executable program. Interestingly, both Microsoft Security Essentials and MalwareBytes find nothing wrong with the file but that doesn’t mean anything. It could just open your Web browser and take you to a Web page which could do any number of things. Of course, I’m not planning on finding out. I sent a copy of the email to firstname.lastname@example.org, which is an email address set up by Amazon which you can use to send copies of these fake email messages for them to investigate.
For the record, Amazon.com doesn’t send confirmation emails with attachments and their emails don’t have glaring spelling or grammatical errors. I’ll end this post by pasting a copy of the bogus email, just so that you can see the nonsense they’re sending in an attempt to trick you.
Thanks for your order. Well let you know once your item(s) have dispatched.You can view the status of your order or make changes to it by visiting Your Orders on Amazon.com. Order Details
Order FC0506442 Placed on March 12, 2014
Order details and invoice in attached file.
Need to make changes to your order? Visit our Help page for more information and video guides. We hope to see you again soon. Amazon.com