The operators behind Dridex have a nefarious trick up their sleeves this holiday season: A widespread phishing scam promises victims a $100 Amazon gift card but instead delivers the prolific banking Trojan to target machines.
This campaign first appeared around Halloween and picked up in the beginning of November, the Cybereason Nocturnus team reports. Most targets are from the United States and Western Europe, where Amazon is very popular and people may be more likely to fall for a scam like this – especially at a time when online shopping and gift-giving is more prevalent due to COVID-19.
Victims receive an email that claims to be delivering a gift from Amazon: “We are delighted to enclose a $100 Amazon gift card as our way of saying Thank You,” a sample message says. The researchers found most emails pretend to come from Amazon, though exact wording may…