55-Inch TV Amazon.com spam / federal-credit-union.com

This fake Amazon.com spam leads to malware on federal-credit-union.com:


From:     auto-confirm@email.amazon.net [loyolay3@emalsrv.amazonmail.com]
Reply-To:     "auto-confirm@email.amazon.net" [loyolay3@emalsrv.amazonmail.com]
Date:     29 May 2013 16:55
Subject:     Amazon.com order of Samsung UN554X6050 55-Inch

Kindle Store  |  Your Account  |  Amazon.com Order Confirmation Order #134-8080453-8538443

[redacted] Thank you for shopping with us. We’d like to let you know that Amazon has received your order, and is preparing it for shipment. Your estimated delivery date is below. If you would like to view the status of your order or make any changes to it, please visit Your Orders on Amazon.com.

Your estimated delivery date is: Thursday, May 30, 2013 - Friday, May 31, 2013 Your shipping speed: Next Day Air Your order was sent to: Tyler Scott 2516 Columbia Dr Washington, WA 40830-9361 United States

Order Details

Order #134-8080453-8538443 Placed on Wensday, May 29, 2013

Samsung UN554X6050 55-Inch 1080p 120Hz LED 3D HDTV (Dark Grey) Electronics In Stock Sold by World Wide Stereo, Inc. $1,099.99

Item Subtotal: $1,099.99 Shipping & Handling: $0.00 Total Before Tax: $1,099.99 Estimated Tax: $0.00 Order Total: $1,099.99

To learn more about ordering, go to Ordering from Amazon.com. If you want more information or need more assistance, go to Help.

Thank you for shopping with us. Amazon.com

Unless otherwise noted, items are sold by Amazon.com LLC and taxed if shipped to Kansas, North Dakota, New York, Kentucky or Washington. If your order contains one or more items from an Amazon.com partner it may be subject to state and local sales tax, depending on the state to which the item is being shipped. Learn more about tax and seller information. This email was sent from a notification-only address that cannot accept incoming email. Please do not reply to this message.

I have also seen a similar spam with the subject "Amazon.com order of Sharp UN55EH5080 55-Inch" and I guess there are others. The spam goes through a legitimate hacked site and ends up on [donotclick]federal-credit-union.com/news/basic_dream-goods.php (report here). Luckily right at the moment this domain is suspended and won't work, however. There is a very large number of connected domains though which I am compiling a blocklist for and will post later..

Update: some other subjects include "Amazon.com order of Panasonic UN55EH6030 55-Inch" and "Amazon.com order of Akai NPK55KR9070 55-Inch".

Update 2: the malicious landing page has been replaced  with one using the domain ozonatorz.com.