Infected Fake Emails from Online Retailers

Symantec Security Response is advising users to take extra precautions when opening emails from online retailers.

On July 24, 2006 Symantec Security Response observed an increase in email activity through Symantec’s Global Intelligence Network. The emails contain a message and or attachment about an online order supposedly placed by the recipient. These emails appear to come from a legitimate online retailer, but in fact the emails are coming from a malicious attacker. The message indicates that the attached file is the invoice for the order, but instead it contains a backdoor trojan, and if executed will compromise the user’s computer.

Symantec Security Response has determined that these emails are variants of the Haxdoor backdoor trojan. Virus definitions released on July 24, 2006 by Symantec will detect this threat as Backdoor.Haxdoor.O. Some variants of this threat may already be detected as Backdoor.Haxdoor.I. Symantec advises users to be suspicious of unexpected emails that contain attachments claiming to be from online retailers. Symantec will closely monitor this situation and will provide updates and security content as it becomes available.

To reduce the possibility of being affected by security vulnerabilities, Symantec Security Response advises users to do the following:

1. Never open files contained in emails sent by those you don’t know and trust.
2. Regularly run Windows Update and install the latest security updates to keep software up to date.
3. Use an Internet security solution such as Norton Internet Security to protect against today's known and tomorrow's unknown threats.

Norton Internet Security 2006
Provides essential protection from viruses, hackers, and privacy threats.
Learn More
Buy this Product