Fake Amazon Purchase Email Targets Bitcoin Wallets

The world of Bitcoin and digital currency has been plagued by scams, hacks, and more recently, malware and ransomware. Malicious individuals have managed to create a piece of ransomware which encrypts all of your files, and will only decrypt after paying with Bitcoin. Thankfully, those days are gradually moving behind us. That being said, there is a new piece of malware hitting the streets, which will go after any and all digital currency wallet(s) you have running on your computer.

A Malicious Amazon Purchase Email

Ever since most of our communication took on a digital aspect, the internet has become a sandbox for malicious individuals who like nothing more than coming up with creative ways to take your money. Whether it’s a Nigerian prince who needs to move money out of the country or a random lottery draw you have won, everyday people need to tread very carefully.

The latest email that might catch your attention – but hopefully won’t – is a so-called Amazon purchase under your name. As soon as a user opens the Word file in the attachments of this email, a piece of malware will be installed on the host computer, and start scanning all of your files and folders for digital currency wallets.

Troy Gill, AppRiver’s Manager of Security Research, told DigitalMoneyTimes:

“Over the past week we have been monitoring (and blocking) a stream of malicious emails attempting to pose as legitimate Amazon purchase confirmation. The messages simply state that ‘your order has been confirmed’ and contains a small amount of detail. The user being targeted is directed to an attached .doc file for the shipping and tracking details.”

Just by opening up the Word file itself, you are not exposing your machine to the malware just yet. If your word client does not have Macros enabled – which most people have never used – the malware will not be able to install itself.  Inside this document is the malicious macro which will, in turn, install the malware on your system.

Should your machine get infected, however, the malware will wreak havoc in a very short amount of time. Not only will it try to retrieve passwords and credentials from any browser you have installed on your system, but it will also target any digital currency-related software. At this point, attacks on Bitcoin, Electrum, Litecoin and Terracoin have been confirmed by various AppRiver reports.

Digital Currency – A High Profile Target

‘This behaviour (stealing Crypto currency) is something we have been seeing with more frequency as of late. The anonymous nature and lack of regulation in the cryptocurrency market make it more akin to stealing actual cash than to committing wire fraud by raiding someone’s online bank accounts. But in this case the cybercriminals are okay with that too – the last observed behaviour was to drop a copy of the Zeus Trojan to be used to capture and steal bank related information.Troy Gill continued.

Granted, all of these malicious attacks are bringing both a negative and positive focus on Bitcoin and digital currency. Negative, in the sense that everyday consumers are now even less likely to trust Bitcoin, simply because it can be stolen “easily” and is a non-reversible payment method, unlike traditional payment options. Then again, if this malware steals your Paypal or Skrill information, your money will be gone as well, and recovering funds will take a long time – or it might not happen at all.

On the positive side, these kind of stories keep Bitcoin relevant in the eyes of mainstream media. As most everyday people still rely on major mainstream media sources, the more times we can get the name Bitcoin mentioned-  preferably in a positive context though – the sooner it will stick in their minds.

Source: Information Age

Images courtesy of Shutterstock