SCAM ALERT: New Variant of Ransomware Preys on Amazon Customers

What is the threat?

There is new variation of ransomware that is disguised to look like an email coming directly from Amazon. An attachment to the “spoofed” email carries malware and can immediately harm your computer and your company’s network. Spoofed email addresses fool people because they mimic addresses of known well known and reputable companies such as Amazon. Unlike the old version of spoofed emails where one or two letters may be changed, these new spoofed email addresses or domains look completely identical to the real thing. This new threat has come from This email address is being protected from spambots. You need JavaScript enabled to view it. with the title “Your Amazon.com order has dispatched”.

How do you get the virus?

Attached to the spoofed email is a word document that when opened, deploys the infamous cryptolocker virus in a scheme known as ransomware. Unfortunately, this virus will infect everything that it can reach and doesn’t care whom the intended recipient was. The virus will make all of your data unavailable to you by encrypting every file on your computer (and possibly your network). The perpetrator will then threaten to permanently destroy all of your files including pictures, documents, databases, and more — unless you pay the ransom.

Why Amazon?

Amazon has a long history of cyber criminals exploiting the mega online retail store. With more than 244 million customers spending over $100 billion a year, Amazon users make an easy target for ransom ware attacks. When a cyber criminal blasts out a malicious email to thousands of email addresses in the US, the odds are favorable that several existing Amazon customers will receive the email. If you are a frequent Amazon customer, you should be especially cautious and more diligent than ever before in learning how to recognize, avoid, and defend yourself against the cyber-attacks.

How Can I Protect Myself?

  1. Don’t open unexpected attachments, call the sender to verify its authenticity prior to opening.
  2. If you cannot confirm the authenticity of an email or attachment, delete the email immediately.
  3. Consider investing in an email filtering and spam protection such as Reflexion. This will keep the majority of infected emails from even reaching your inbox in the first place.
  4. As a safeguard, always have a secure backup solution in place. In the event that you do become infected with malware, you will be able to quickly recover and restore all of your files.
  5. If you think that you have received a scam appearing to be from Amazon, report it to This email address is being protected from spambots. You need JavaScript enabled to view it. and contact a certified security consultant to ensure that your network has not been harmed.
If you have been a victim of a ransomware attack and/or would like to learn how to protect your network and your data, please contact a Hilltop Consultants' Cyber Security specialist today!