Home Cybersecurity Bogus Purchase Notification Emails Serves Up Malware Through Malicious Dropbox Links

Bogus Purchase Notification Emails Serves Up Malware Through Malicious Dropbox Links

Posted: October 4, 2014

dropbox malwareHackers sometimes have it too easy as the abundance of gullible computer users that they seek out, and attack are in large numbers and growing by the day. Also, growing by each day are new sophisticated methods for spreading malware, one that is utilizing emails claiming to inform computer users of an alleged pricey purchase only to gain the unadulterated attention of a gullible computer user. The particular email message circulating is one that has a link to "download your invoice" for allegedly confirming an outrageous purchase. Only in this message, the link sends web browsers directly to a source for downloading and installing malware.

It is nothing new to find cybercrooks and hackers exploiting computer users through bogus emails or spam messages. In the recent rash of messages claiming to be a confirmation to a large purchase as shown quoted below, the link is one that directs users through the Dropbox services, a popular online storage that can be shared amongst many who have access to the internet.

Example Text of Bogus Purchase Notification Email Containing Malicious Dropbox Links:

Thanks for placing order with us to day! Your order is currently processing.

BILLING INFOR MATION

Order Nu mber: ESC491547171

Purchase Date: 9:27 Thursday, Oct 2, 2014

Customer Email:

Amount: 6249 USD

View an order file

Please visit the link given at the top to have more information about this issue.

The particular Dropbox link used in this recent malware campaign is one that downloads a Zip file, identified as "Order_X7141.zip." This file contains a virus or a Trojan horse that will load on your system upon opening it and allowing it to initialize on a Windows PC. Researchers have found that removal of this mysterious infection has only been successful through the use of antivirus or antispyware software.

Dropbox has long been a popular service for sharing files over the internet. It isn't all that surprising to find Dropbox being exploited for spreading malware by means of a widely popular malicious email campaign.

Experts believe that we have not seen the end of this particular attack by use of nefarious email messages containing a malicious link via Dropbox to download and install malware. There may be other purposes that hackers behind this attack have in store for their spreading malware, such as conducting DDoS (distributed denial of service) attacks. Other sneaky actions may be scanning websites for vulnerabilities or even pilfering for login data on certain systems to later be used for accessing online banking accounts or other internet accounts. There is also a possibility of spreading a malicious botnet by means of aggressive malware files that turn an infected system into a virtual zombie awaiting instructions to carry out malicious actions on the internet.

Computer users are strongly urged to utilize caution when dealing with unsolicited emails. Messages that contain malicious links are, usually, the one to gain the most attention. If you know with a certainty you did not make a purchase for several thousands of dollars, do not even begin to open an email claiming that you did such a thing.

Loading...