Following the recent malware scams using various popular brands, like Craigslist, Vodafone, Apple, Verizon, and LinkedIn – some new phishing emails are popping up yet again this week, purporting to be from Amazon, PayPal, Twitter, Habbo Hotel and Classmates.com – a social networking site.
As you can see below, the emails look very professional and convincing. In each email there is a link that takes users to a compromised site which is characteristic of this phishing email. When the user visits the site, it will redirect to an exploit page that infects the system with a Trojan. It appears that these phishing emails come from the same malware family as in our previous post.
One thing to take note of with these phishing emails is they do not use your name in full as seen in the genuine notification emails. For example in the salutation phrase, the genuine email would usually read “Hello John Doe”, whereas these phishing emails instead use your email id or email address in a format such as “Hello john.d” or “Hello [email protected]”.