• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
      • Identity theft
    • Malware
      • Ransomware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » News » Amazon Gift Card Scam Steals Bank Accounts

Amazon Gift Card Scam Steals Bank Accounts

2020-12-28 by Michelle Dvorak Leave a Comment

Amazon Gift Card Scam

Dridex malware delivered via emailed fake Amazon gift cards

Consumers in the United States and Western Europe are being targeted by an Amazon gift card scam. If fooled by the fake digital Amazon gift cards, the victim’s computer is infected with Dridex malware. Dridex steals bank account credentials as well as other sensitive data from the infected device.

The cybercriminals use three tactics to compromise the victim’s computer with Dridex. In all three techniques, the victim is tricked into downloading a harmful email attachment that infects their computer with Dridex banking Trojan.

Shoppers are sent legitimate looking emails claiming they have received a downloadable Amazon gift card from someone they know.

“Consumers have long been a favored target for cybercriminals, and the sharply increased volume of online shopping spurred by the COVID-19 pandemic have made consumer-focused attacks potentially even more attractive,” say cyber security researchers at the Cybereason Nocturnus Team.

Index Malware -Image credit: Cybereason

What is Dridex Malware?

Dridex malware is a banking Trojan. When a device is compromised by Dridex, it sends all banking information discovered on the infected device – like bank account numbers and online banking login credentials to servers controlled by the attackers. The attackers use the information to gain access to your bank account and steal money.

This banking Trojan has been in use for at least eight years and is the work of cybercriminals that go by the moniker Evil Corp. Dridex is commonly delivered via phishing emails that contain weaponized Microsoft Office email attachments.

“When carrying out such attacks, threat actors spend a great deal of time customizing the themes used to get the attention of an unsuspecting victim,” says Cybereason.

In October, Evil Corp crippled Garmin services with a WastedLocker ransomware attack. Garmin makes wearable trackers and other GPS devices for its fitness and navigation customers.

Amazon Gift Card Scam Delivery Methods

  1. Phishing email – In the first delivery tactic, the victim is sent a phishing email that contains a malicious Microsoft Word document. The Word document has the words “gift card” in its filename followed by some numbers. If the victim clicks and the MS Word document and has macros enabled, their device is infected with Dridex. However, most people have macros disabled by default because macros can be used by attackers to run computer code. To ensure delivery, the malicious Word document prompts the victim to “enable content” that will allow macros to run. A VBScript file is then executed which infects the device with malware.
  2. Screensaver – With the second delivery technique, the attackers send the victim a phishing email with an SCR file attachment. An SCR file is a screensaver file. This type of attachment is more likely to get past anti-malware apps and email filters that protect email accounts. The SCR extension email attachment has an Amazon gift card as part of the filename and uses an Amazon icon to help trick the victim. The SCR file can execute other computer code that infects the users’ devices. When the victim downloads the file to retrieve their fake gift card, their device is infected with Dridex malware.
  3. Malicious email link – In the third infection tactic there is no email attachment. Instead, the victim is tricked into clicking on a malicious link in the body of the email. If the victim is fooled and clicks on the link, it downloads VBScript files that run malware.

How to Protect Yourself from a Gift Card Scam

Cyber criminals commonly send emails disguised as notifications from major brands that everybody knows. Attackers can also send emails that appear to be from someone in your address book. In reality, the email is sent from elsewhere and is cleverly disguised.

  1. Never click on links in any unsolicited emails – this includes gift cards, password reset requests, or any other type of notification.
  2. Never download an email attachment if you weren’t expecting something to be sent to you.
  3. Be especially suspicious of any email that urges you to act quickly. For example, an email telling you must click on a link or downloaded attachment within two hours or face a financial penalty. Cyber criminals countdown you acting without thinking or scrutinizing the contents of the email. This way they can affect infect as many devices as quickly as possible.
  4. Use a reliable email scanner app an anti-virus app to help protect your phones, laptops tablets, and computers. the security app will screen emails and websites that act harmful email attachments, malicious links, and website second steel your money and passwords.

Filed Under: News Tagged With: amazon, Dridex, Evil Corp, scam

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Reader Interactions

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

511 Tactical

WHAT TO SHOP NOW

Shop

Safeguard Your Money with a VPN

Beat the Stock Market! - Get Rule Breakers!

Malwarebytes Anti-Virus is On Sale!

Shop Kaspersky Anti-Virus

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Covid Data on the Darkweb: Saturday Sitrep

Adobe Flash Player Hits End of Life

Cyber Security Analyst, with Polygraph – General Dynamics

Most Common Password List 2020

India Approves WhatsApp Pay

Categories

Cyber Security News

Covid Data on the Darkweb: Saturday Sitrep

… [Read More...] about Covid Data on the Darkweb: Saturday Sitrep

Adobe Flash Player Hits End of Life

… [Read More...] about Adobe Flash Player Hits End of Life

Most Common Password List 2020

… [Read More...] about Most Common Password List 2020

India Approves WhatsApp Pay

… [Read More...] about India Approves WhatsApp Pay

More Cyber Security News

Tags

amazon Android Apple bitcoin Career China chrome CISA credit card Cyber Attack Cyber security Data Breach data privacy DHS Equifax Facebook FBI Firefox FTC games GDPR Google Government hack hacker identity theft iPhone Iran IRS malware Microsoft North Korea PayPal phishing phishing email ransomware Russia scam smartphone TikTok tutorial VPN web browser WhatsApp WiFi

Government

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

Texas DOT Hit by Ransomware Attack

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • News
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2021 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version