Fake Walgreens Order Email Opens Malware Website

Outline

Order Email purporting to be from US pharmacy retailing chain Walgreens claims that you can find more information about a recent order by clicking a link.  

Brief Analysis

The email is not from Walgreens. Clicking the link opens a website that contains malware. Criminals are sending similar malware emails that pretend to be from Costco, Walmart, and other popular stores.

Example

Detailed Analysis

This email, which purports to be from US pharmacy retailing chain Walgreens, claims that the company has received an order addressed to you. Supposedly, you are required to confirm the order within four days.

The message instructs you to click a link to access detailed information about the order.

However, the email is not from Walgreens.  Clicking the link opens a compromised website that harbours malware. The malware may start downloading automatically. Or, a message on the website may ask you to download a file. If you are using a non-Windows operating system, you may receive a message noting that the software is not available for your computer.

The download will usually be a .zip file with a .exe file inside. Clicking the .exe file installs the malware.

The malware payload delivered in these campaigns may vary. Such malware can collect sensitive information from your computer and send it to criminals. It may also download further malware and allow criminals to take control of your computer. In this case, the  malware  may attempt to add your computer to the infamous  Asprox Botnet.

Alternative versions of these fake order emails claim to be from Costco, Walmart, and several other well-known stores.

If you receive one of these emails, do not click any links or open any attachments that it contains.

Original Source : https://www.hoax-slayer.net/fake-walgreens-order-email-opens-malware-website/