Pre-Valentine’s Day email attacks mimic flower & lingerie stores

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware

With Valentine’s Day approaching this weekend, several people have received “recent order” email confirmations for flowers or lingerie. These emails are part of a new spear-phishing attack which include a malicious attached pdf that delivers the BazaLoader malware payload.

What is BazaLoader? Well, it’s primary function is to open a back door to your computer and allow cybercriminals to do whatever they want to your machines, including monitoring your actions, holding systems for ransom and spreading malware to others.

Valentine’s Day has been a popular phishing theme over the past few years. For example, last February a malicious email campaign aimed at iPhone owners tried to convince them to download a fake dating app. And the year before scammers used the holiday as an excuse to flood inboxes with Valentine’s Day themed spam with promises of companionship. 

It just goes to show that Valentine’s Day, like most other holidays, presents an opportunity for a variety of threat actors to take advantage of unsuspecting victims. Make sure you and your employees are brushed up on your security awareness training, especially on the section on how to identify and protect users from email phishing attacks. Cybercriminals get better every month so if your training is even a few months old, it’s worth revising.

Need some help with that? Feel free to reach out, we can help.

Stay safe out there

-A