As if consumers didn’t have enough to worry about this holiday season. A recent report from Krebs On Security outlines how shoppers may experience a spike in phishing attempts via fake “order confirmation” e-mails which appear branded with the logos and imagery of widely-trusted retail outlets. Some more detail about this particular series of phishing attempts:
According to Malcovery, a company that closely tracks email-based malware attacks, these phony “order confirmation” spam campaigns began around Thanksgiving, and use both booby-trapped links and attached files in a bid to infect recipients’ Windows PCs with the malware that powers the Asprox spam botnet.
A basic rule of thumb applies: If you don’t recognize where the e-mail is coming from or don’t remember making a purchase at a retailer that sends you an “order confirmation” e-mail, don’t click on the link.