• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » Amazon Gift Card Scam Steals Bank Accounts

Amazon Gift Card Scam Steals Bank Accounts

2020-12-28 by Michelle Dvorak

Amazon Gift Card Scam

Dridex malware delivered via emailed fake Amazon gift cards

Consumers in the United States and Western Europe are being targeted by an Amazon gift card scam. If fooled by the fake digital Amazon gift cards, the victim’s computer is infected with Dridex malware. Dridex steals bank account credentials as well as other sensitive data from the infected device.

The cybercriminals use three tactics to compromise the victim’s computer with Dridex. In all three techniques, the victim is tricked into downloading a harmful email attachment that infects their computer with Dridex banking Trojan.

Shoppers are sent legitimate looking emails claiming they have received a downloadable Amazon gift card from someone they know.

“Consumers have long been a favored target for cybercriminals, and the sharply increased volume of online shopping spurred by the COVID-19 pandemic have made consumer-focused attacks potentially even more attractive,” say cyber security researchers at the Cybereason Nocturnus Team.

Index Malware -Image credit: Cybereason

What is Dridex Malware?

Dridex malware is a banking Trojan. When a device is compromised by Dridex, it sends all banking information discovered on the infected device – like bank account numbers and online banking login credentials to servers controlled by the attackers. The attackers use the information to gain access to your bank account and steal money.

This banking Trojan has been in use for at least eight years and is the work of cybercriminals that go by the moniker Evil Corp. Dridex is commonly delivered via phishing emails that contain weaponized Microsoft Office email attachments.

“When carrying out such attacks, threat actors spend a great deal of time customizing the themes used to get the attention of an unsuspecting victim,” says Cybereason.

In October, Evil Corp crippled Garmin services with a WastedLocker ransomware attack. Garmin makes wearable trackers and other GPS devices for its fitness and navigation customers.

Amazon Gift Card Scam Delivery Methods

  1. Phishing email – In the first delivery tactic, the victim is sent a phishing email that contains a malicious Microsoft Word document. The Word document has the words “gift card” in its filename followed by some numbers. If the victim clicks and the MS Word document and has macros enabled, their device is infected with Dridex. However, most people have macros disabled by default because macros can be used by attackers to run computer code. To ensure delivery, the malicious Word document prompts the victim to “enable content” that will allow macros to run. A VBScript file is then executed which infects the device with malware.
  2. Screensaver – With the second delivery technique, the attackers send the victim a phishing email with an SCR file attachment. An SCR file is a screensaver file. This type of attachment is more likely to get past anti-malware apps and email filters that protect email accounts. The SCR extension email attachment has an Amazon gift card as part of the filename and uses an Amazon icon to help trick the victim. The SCR file can execute other computer code that infects the users’ devices. When the victim downloads the file to retrieve their fake gift card, their device is infected with Dridex malware.
  3. Malicious email link – In the third infection tactic there is no email attachment. Instead, the victim is tricked into clicking on a malicious link in the body of the email. If the victim is fooled and clicks on the link, it downloads VBScript files that run malware.

How to Protect Yourself from a Gift Card Scam

Cyber criminals commonly send emails disguised as notifications from major brands that everybody knows. Attackers can also send emails that appear to be from someone in your address book. In reality, the email is sent from elsewhere and is cleverly disguised.

  1. Never click on links in any unsolicited emails – this includes gift cards, password reset requests, or any other type of notification.
  2. Never download an email attachment if you weren’t expecting something to be sent to you.
  3. Be especially suspicious of any email that urges you to act quickly. For example, an email telling you must click on a link or downloaded attachment within two hours or face a financial penalty. Cyber criminals countdown you acting without thinking or scrutinizing the contents of the email. This way they can affect infect as many devices as quickly as possible.
  4. Use a reliable email scanner app an anti-virus app to help protect your phones, laptops tablets, and computers. the security app will screen emails and websites that act harmful email attachments, malicious links, and website second steel your money and passwords.

Filed Under: News Tagged With: amazon, Dridex, Evil Corp

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version