Payment Accepted Emails – Don't Click

Uploaded on 2019-01-14 in NEWS-Cybersecurity News, FREE TO VIEW

Emails, which purports to be a ‘payment accepted” notification from an online store, claims that your order has been processed and yet you never ordered the item.  The email includes the supposed order number along with cost and delivery details for the purchase. The order numbers in the body of the email are clickable links.

Despite its appearance, however, the email is not a genuine order notification. Instead, it is a ruse designed to trick you into downloading malware.

The criminals who distribute the email hope that at least some recipients will mistakenly believe that their credit card has been used to make a fraudulent transaction online.  Those thus tricked may click one of the links in the email in the hope of finding out more about the supposed order.

But, clicking any of the links in the email downloads a .zip file. The zip file harbours malicious software that, if opened, will install malware on your computer.

The exact nature of the malware may vary. It may be ransomware which will lock up your computer files and then demand that you pay a fee to online criminals to get an unlock code. Or, it may be designed to steal passwords and other sensitive financial and personal information from your computer.

Note that details, such as the order number, the name of the online store, and the supposed cost may vary in different incarnations of the message.

Hoax Slayer:            Image: Nick Youngson

You Might Also Read:

Don't Underestimate The Impact Of Phishing:

 

 

« NASA Discloses A Data Breach
Breaking Down Five 2018 Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Renaissance

Renaissance

Renaissance is Ireland's premier value added distributor of IT security solutions and a leading independent provider of business continuity consultancy.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Electus Recruitment Solutions

Electus Recruitment Solutions

Electus is a leading recruitment specialist in the Engineering, Technology & Digital and Cyber & Security sectors.

CSA Events

CSA Events

Cloud Security Alliance conducts a series of conferences around the world. This listing provides a link to details of upcoming events.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

Bugcrowd

Bugcrowd

As leaders in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities.

VaultOne

VaultOne

VaultOne is a next-generation security solution that addresses security issues from different domains (Password Manager, Secure Access, PAM, Identity Management) as a single, integrated solution.

Accredia

Accredia

Accredia is the national accreditation body for Italy. The directory of members provides details of organisations offering certification services for ISO 27001.

TechStak

TechStak

TechStak is the easiest way for businesses to find and connect with IT Pros and other technology solution providers in their area.

Startup Wise Guys

Startup Wise Guys

Startup Wise Guys is a mentorship-driven accelerator program for early stage B2B SaaS, Fintech, Cybersecurity & Defense AI startups.

IT Search

IT Search

IT Search is a specialist IT recruitment company focusing on Cyber Security, IT Infrastructure, Software, Data, Digital Transformation and C Suite leadership positions.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

Canopius Group

Canopius Group

Canopius is a global specialty lines insurance and reinsurance company and one of the top 10 insurers in the Lloyd’s insurance market.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.