Amazon Hype Exploited by Cybercriminals in New Email Scam

Posted by Emmanuel Marshall on 07 December 2017 15:00:00 AEDT

This morning the MailGuard system detected a new scam using fake payment receipts. These criminal-intent emails link to fake ‘receipt’ files which actually contain malicious JavaScript code (see screenshot above).

Today’s spin on this familiar scam formula was the exploitation of Amazon’s name to deceive victims.

Amazon is in the process of launching a host of new services in Australia, so this fraudulent email leveraging their brand-name is clearly trying to capitalise on the current buzz around the company.

These emails are trying to entice victims to click on the ‘order confirmation receipt’ link. The link actually opens a zipped JavaScript file; see screenshot below:


JavaScript files are not used for simple documents like receipts, so they are a red flag for scam detection.
JavaScript is typically used by scammers to infect computers with viruses or install spyware.

If you’re caught up in the Amazon excitement, don’t get caught out by this scam. 


Don't Get Caught Out 

For comprehensive inbox security, protect your business with MailGuard's cloud-based email and web filtering systems.
Talk to an expert at MailGuard today about making your network secure: click here.


Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates



Topics: Phishing Cybersecurity fraud Amazon email scam

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all