“Shipping Information for..” spam uses a Google redirector and copy.com to distribute malware

This fake shipping spam contains malware, although it appears that it may be buggy and might not install properly.

From:     fatmazohra.mekhalfia@groupehasnaoui.com

Subject:     Shipping Information for [redacted]

Please see the shipping info

Processed on Oct 15/ 2014

“This is to inform you that the package is being shipped to you. We also provided delivery terms to specified address.

Order number: 611541106
Order total: 3000.28 USD
Shipping date: Oct 16th 2014.

Please hit the button provided at the bottom to see more info about your package.”

Shipping Invoice



The link in the email goes to https://www.google.com/url?q=https%3A%2F%2Fcopy.com%2FEl9fd4VfLkfN%2FTrackShipment_0351.PDF.scr%3Fdownload%3D1&sa=D&sntz=1&usg=AFQjCNE0-3UrX7jNPzSGYodsQVzmBhrwMA which bounces through Google and then downloads a malicious executable, TrackShipment_0351.PDF.scr, from copy.com.
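A mail or proxy filter can catch this pattern by unwrapping the Google redirector offline and inspecting the real target's filename. The following is an added example, not part of the original post; the extension lists, function names and the sample URL (same shape as the one above, with a placeholder host) are assumptions made for illustration.

```python
import posixpath
from urllib.parse import urlsplit, parse_qs, unquote

# Assumed lists for this example; tune them to your own policy.
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}

# Constructed sample: a google.com/url wrapper around a file-sharing download link.
SAMPLE = ("https://www.google.com/url?q=https%3A%2F%2Ffiles.example%2Fabc123"
          "%2FTrackShipment_0000.PDF.scr%3Fdownload%3D1&sa=D&sntz=1")

def unwrap_google_redirect(url, max_depth=5):
    """Peel nested google.com/url?q=... wrappers without any network access."""
    for _ in range(max_depth):
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        is_google = host == "google.com" or host.endswith(".google.com")
        if not (is_google and parts.path == "/url"):
            break
        params = parse_qs(parts.query)  # parse_qs also percent-decodes the value
        target = next((params[p][0] for p in ("q", "url") if p in params), None)
        if not target:
            break
        url = target
    return url

def analyse_link(url):
    """Return the real destination and whether it is a disguised executable."""
    final = unwrap_google_redirect(url)
    parts = urlsplit(final)
    filename = posixpath.basename(unquote(parts.path))
    stem, ext = posixpath.splitext(filename)
    inner_ext = posixpath.splitext(stem)[1]
    executable = ext.lower() in EXECUTABLE_EXTS
    return {
        "redirected": final != url,
        "final_host": (parts.hostname or "").lower(),
        "filename": filename,
        "executable": executable,
        # e.g. "invoice.PDF.scr": a document extension hiding the executable one
        "double_extension": executable and inner_ext.lower() in DECOY_EXTS,
    }

if __name__ == "__main__":
    print(analyse_link(SAMPLE))
```

Matching on the unwrapped target rather than the visible hostname matters here because the link the recipient sees starts with www.google.com.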

