Dridex malware delivered via emailed fake Amazon gift cards Consumers in the United States and Western Europe are being targeted by an Amazon gift card scam. If fooled by the fake digital Amazon gift cards, the victim's computer is infected with Dridex malware. Dridex steals bank account credentials as well as other sensitive data from the infected device. The cybercriminals use three tactics to compromise the victim\u2019s computer with Dridex. In all three techniques, the victim is tricked into downloading a harmful email attachment that infects their computer with Dridex banking Trojan. Shoppers are sent legitimate looking emails claiming they have received a downloadable Amazon gift card from someone they know. \u201cConsumers have long been a favored target for cybercriminals, and the sharply increased volume of online shopping spurred by the COVID-19 pandemic have made consumer-focused attacks potentially even more attractive,\u201d say cyber security researchers at the Cybereason Nocturnus Team. Index Malware -Image credit: Cybereason What is Dridex Malware? Dridex malware is a banking Trojan. When a device is compromised by Dridex, it sends all banking information discovered on the infected device \u2013 like bank account numbers and online banking login credentials to servers controlled by the attackers. The attackers use the information to gain access to your bank account and steal money. This banking Trojan has been in use for at least eight years and is the work of cybercriminals that go by the moniker Evil Corp. Dridex is commonly delivered via phishing emails that contain weaponized Microsoft Office email attachments. \u201cWhen carrying out such attacks, threat actors spend a great deal of time customizing the themes used to get the attention of an unsuspecting victim,\u201d says Cybereason. In October, Evil Corp crippled Garmin services with a WastedLocker ransomware attack. Garmin makes wearable trackers and other GPS devices for its fitness and navigation customers. Amazon Gift Card Scam Delivery Methods Phishing email \u2013 In the first delivery tactic, the victim is sent a phishing email that contains a malicious Microsoft Word document. The Word document has the words \u201cgift card\u201d in its filename followed by some numbers. If the victim clicks and the MS Word document and has macros enabled, their device is infected with Dridex. However, most people have macros disabled by default because macros can be used by attackers to run computer code. To ensure delivery, the malicious Word document prompts the victim to \u201cenable content\u201d that will allow macros to run. A VBScript file is then executed which infects the device with malware.Screensaver \u2013 With the second delivery technique, the attackers send the victim a phishing email with an SCR file attachment. An SCR file is a screensaver file. This type of attachment is more likely to get past anti-malware apps and email filters that protect email accounts. The SCR extension email attachment has an Amazon gift card as part of the filename and uses an Amazon icon to help trick the victim. The SCR file can execute other computer code that infects the users\u2019 devices. When the victim downloads the file to retrieve their fake gift card, their device is infected with Dridex malware. Malicious email link - In the third infection tactic there is no email attachment. Instead, the victim is tricked into clicking on a malicious link in the body of the email. If the victim is fooled and clicks on the link, it downloads VBScript files that run malware. How to Protect Yourself from a Gift Card Scam Cyber criminals commonly send emails disguised as notifications from major brands that everybody knows. Attackers can also send emails that appear to be from someone in your address book. In reality, the email is sent from elsewhere and is cleverly disguised. Never click on links in any unsolicited emails - this includes gift cards, password reset requests, or any other type of notification.Never download an email attachment if you weren't expecting something to be sent to you.Be especially suspicious of any email that urges you to act quickly. For example, an email telling you must click on a link or downloaded attachment within two hours or face a financial penalty. Cyber criminals countdown you acting without thinking or scrutinizing the contents of the email. This way they can affect infect as many devices as quickly as possible.Use a reliable email scanner app an anti-virus app to help protect your phones, laptops tablets, and computers. the security app will screen emails and websites that act harmful email attachments, malicious links, and website second steel your money and passwords.