You Are Here: Home » E-Threats » Alerts » Fake Amazon Order Confirmation Promises 55” TV Set, Delivers Malware

Fake Amazon Order Confirmation Promises 55” TV Set, Delivers Malware

A recent spam campaign abuses the world’s largest online retailer,, to promise a 55” TV set but instead direct users to a malware-laden page and infect them with a notorious exploit kit. Bitdefender Antispam Lab came across an increasing number of such e-mails crafted to look like Amazon order confirmations.

The fake notifications, which appear to confirm the order of 55” TVs associated with brands ranging from Sony, LG and Samsung to Vizio, Akai, Panasonic, Sanyo and Toshiba, fail to deliver television sets, but do deliver malware via BlackHole.  This piece of malware attempts to exploit vulnerabilities on the user’s PC to push malicious code depending on the system weakness it finds.  It usually works, since many users don’t keep their software up to date or patched with the latest security fixes.

Some tag lines American online buyers need to avoid these days look like these:

       order of Vizio G55UH4030 55-Inch

       order of Sony S554P3030 55-Inch

       order of Akai NML55GUG030 55-Inch

       order of Samsung UN55HQ5010 55-Inch

       order of Toshiba TB55QX5030 55-Inch

       order of Sanyo I55TZ4050 55-Inch

       order of Panasonic UN55EH6010 55-Inch

       order of LG A55LG27020 55-Inch

The order appears to have been placed on May 29 and provides buyers with an estimated delivery date set sometime between May 30 and May 31, 2013. All e-mails are addressed to buyers with delivery addresses all across the United States, including Los Altos, PA, Annandale, AK, Salem, DC, Pasadena, PA, Santa Barbara, WA, Cohoes, NE and more.

The e-mails contain links that, when accessed, redirect users to a malicious domain or[removed] that infects people with BlackHole. The website was set up a few days back, on the 20th of May and hosted on servers in Kenya, Germany, Brazil and the US.

Given that Amazon talks about a customer base of 137 million and that TV sets are among the top electronic choices of people all over the world, scammers have a pretty good shot at finding innocent victims to infect with malware.

In parallel, scammers also run a recycled old PayPal payment receipt scam to also cover the millions of PayPal accounts owners with their bogus e-mails.

This time, however, spammers were in a hurry and forgot to change the date in the template they used in February. They were perhaps more concerned with updating the links to redirect people to fresh set up malicious pages hosted on new active domains.

Bitdefender blocks the spam e-mails and the malicious website, so users who have the antivirus solution installed are protected. The company advises users to keep their software updated, including their antivirus.

This article is based on the spam samples provided courtesy of Adrian TOMA, Bitdefender Spam Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About The Author

E-Threat Analyst

A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.

Number of Entries : 298

Comments (6)

  • Kevin

    I got this email scam today saying I had bought a Akai NT05560K010 55-Inch. Presuming it to be bogus, I didn’t click anywhere on the email. I went to my, checked my orders, and didn’t see such an order. Then I deleted the email.

    Why can’t these people get a life putting their talents to productive use instead of malware and stealing.

    Thank you Loradena for your service here!


Leave a Comment

© 2012 Powered By Bitdefender

Scroll to top