A malware attack targeted specifically at businesses and consumers who make purchases from Pandora Jewelers has arrived, just in time for the last-minute Christmas shopping rush.
Pandora, an international Danish jewelry manufacturer and retailer known for its customizable charm bracelets, rings and necklaces, is a new phishing target, according to the Comodo Antispam Labs (CASL) team.
The email spoofing threat arrives from the sender address custserv@aquae.kao6161.com, with the subject line “Pandora Clearance.” The mail uses language that capitalizes on the public’s desire for an extreme sale. The format is designed to capture credit card and financial information from businesses or consumers who try and make a purchase.
“The e-mail appears to be from a fictitious jewelry reseller advertising a Pandora Jewelry sale,” explained CASL, in a blog. “Pandora Jewelry typically allows its official resellers to promote the sale of their products via their own store websites and through e-mail promotions, which is why this phishing email can be so dangerous to unsuspecting victims.”
The email screen that viewers initially see has a “Shop Now” section, which is where the cyber-thieves are looking for businesses and consumers to click to begin shopping (a.k.a., to give up their financial information). The links provided should have pointed to http://www.pandora.net, however, the target links are directed to the malicious http://www.bestpandorajewelry.com/index.html—a domain registered in China.
“Phishing emails are one of the biggest threats for technology users today, because they are abusing the trust that is built between consumers, business and brands,” said Fatih Orhan, director of technology for Comodo and the Comodo Antispam Labs. “The hackers are pretending to be from a trustworthy entity such as a business owner, an e-commerce site or a popular social network, with the intention to steal [a] customer’s credentials and/or financial information. At Comodo, we work diligently in creating innovative technology solutions that stay a step ahead of the cyber-criminals, and keep enterprises and IT environments safe.”
Photo © Leya_G