Home Archive Dell Online Store Trojan Email

Dell Online Store Trojan Email

by Brett M. Christensen

Outline:
Email claims to confirm a Dell Online Store credit card order for a digital camera worth $865 AUD


Status:
False

Example:
Subject: Your order #34214223 has been accepted for the amount 865.00 AUD

Thank you for shopping with us.

Your order #34214223 Canon DF-E037 8.0 MP Digital Camera has been accepted for the amount 865.00 AUD.

Your card will be charged in that amount.

Thank you for your purchase.

You can check the order in your profile.

[Link to malicious website removed]

Thank you.
Dell Online Store.



Detailed Analysis:
In May 2007, people began reporting an unsolicited email purporting to be an order confirmation for a digital camera from the Dell Online Store. The message claims that the recipient’s credit card has been charged for a Canon DF-E037 8.0 MP Digital Camera at a cost of 865.00 AUD. A link in the email supposedly leads to a website where the recipient can check the order.

However, the claims in the message are untrue. Although the sender may appear to be a legitimate Dell email address, the address is bogus and the message does not originate from Dell. Instead, the email is intended to trick the recipient into downloading information stealing malware to his or her computer. The link in the email leads to a malicious website that installs a trojan that can then search for sensitive information such as bank account numbers stored on the infected computer.

Unsuspecting recipients will have a natural inclination to investigate what they perceive as an unauthorized charge to their credit card and may therefore click on the link in the mistaken belief that they will access more information about the supposed order. The hacker capitalizes on the likelihood that his potential victim will be panicked or angered by the supposed charge and may therefore be more inclined to click on the included link without due caution. Similar tactics are commonly used by scammers and hackers.

If you receive an email like the example shown above, do not click on any links in the message. In fact, be very caution of clicking on links in any unsolicited emails. If you receive an unsolicited message that appears to relate to a credit card purchase that you did not make, contact your credit card provider or the vendor directly rather than follow a link in the message.


Last updated: 18th May 2007
First published: 18th May 2007
By Brett M. Christensen
About Hoax-Slayer

References
Experts comment on fake Dell email
AL-AusCert – Dell online Store Trojan emails

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer