Newegg has grown into a company of global size, and with that size comes the territory of scams that trade on your name. These commonly promise free laptops, gaming consoles, or whatever else people may want. In this case, the scammers send a fake email that appears to come from Newegg and looks like a Newegg email, asking users to reset their passwords on Newegg's site.

McAfee reports that it believes not only that a sophisticated forgery of a Newegg sales receipt is circulating, but also that a botnet is attempting to abuse Newegg's password reset system to keep the scam going. It reports that in less than 1 percent of cases, the spammers appear to be taking advantage of the password reset option on the Newegg website to generate the emails. McAfee states, "To continue the scam: The victims receive a forged Newegg purchase receipt shortly after seeing the legitimate password reset notice. If recipients are anxious about account tampering, they may be willing to release a quarantined spam message that claims to be a purchase receipt because they feel their accounts may have been compromised."

The spam mail that the victims receive looks and feels just like a Newegg email, partly because it forges the RFC 821 Received headers so the message appears to have been received from Newegg's service. And in typical malware fashion, it also contains an HTML attachment that uses JavaScript to redirect the victim to a website that delivers a fake anti-virus program, which is in effect a front for malware. Users who want to check their Newegg accounts should not use any links in an email but should go straight to newegg.com.

One likely fix would be the implementation of a CAPTCHA during password reset, in order to prevent automated or scripted abuse such as this. Even though CAPTCHA isn't perfect, it is an additional hurdle for malware writers to overcome, even if we all know it won't necessarily stop them. Newegg states that it is investigating this issue to determine any customer impact and that it is researching any actions the company may need to take to help its customers avoid phishing scams that take advantage of its brand.
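The forged Received headers described above are the detail a mail administrator can actually check for. The script below is an added example for this article, not McAfee's or Newegg's code: it parses a message's Received chain and treats only the topmost hop, the one written by our own inbound MX, as trustworthy, because every Received line below it (and the HELO hostname inside the trusted hop) is text the sending client supplied. If the lower hops or the From: header claim the brand's domain while the IP our MX actually accepted the connection from is not a known brand sender, the message is flagged. The MX hostname `mx.example.net`, the brand sending range `192.0.2.0/24`, and the two sample messages are constructed placeholders; a real deployment would load the ranges from the brand's SPF record.

```python
"""Flag messages whose Received chain claims a brand's mail service while the
host that actually delivered them (as seen by our own MX) is somewhere else."""
import ipaddress
import re
from email import message_from_string
from email.message import Message

# Constructed for this example: our own inbound MX (whose Received header we
# trust) and the address range the brand is assumed to send from. The range is
# a placeholder (TEST-NET-1), not a real Newegg sender range.
OUR_MX = "mx.example.net"
BRAND_DOMAIN = "newegg.com"
BRAND_SENDING_RANGES = [ipaddress.ip_network("192.0.2.0/24")]

# "from <helo-name> (... [<ip>])" and "by <host>" as written by typical MTAs.
_FROM_IP = re.compile(r"\bfrom\s+(\S+).*?\[(\d{1,3}(?:\.\d{1,3}){3})\]", re.S)
_BY_HOST = re.compile(r"\bby\s+(\S+)")


def _is_brand_host(host):
    """True if a hostname is the brand domain or a subdomain of it."""
    return bool(host) and (host == BRAND_DOMAIN or host.endswith("." + BRAND_DOMAIN))


def parse_received(msg: Message):
    """Return Received hops top-down: index 0 was added last, by the host
    closest to us; each later entry is further away and easier to forge."""
    hops = []
    for raw in msg.get_all("Received", []):
        line = " ".join(str(raw).split())  # unfold continuation lines
        m_from = _FROM_IP.search(line)
        m_by = _BY_HOST.search(line)
        hops.append({
            "from_host": m_from.group(1) if m_from else None,  # client-supplied HELO name
            "from_ip": m_from.group(2) if m_from else None,    # observed by the "by" host
            "by": m_by.group(1) if m_by else None,
        })
    return hops


def analyse(raw_message: str):
    """Return a list of findings (empty list means nothing suspicious)."""
    msg = message_from_string(raw_message)
    hops = parse_received(msg)
    findings = []
    if not hops or hops[0]["by"] != OUR_MX:
        findings.append("no trusted hop from our own MX at the top of the chain")
        return findings

    trusted = hops[0]
    ip = ipaddress.ip_address(trusted["from_ip"]) if trusted["from_ip"] else None
    delivered_by_brand = ip is not None and any(ip in net for net in BRAND_SENDING_RANGES)

    # Everything below the trusted hop, plus the HELO name in the trusted hop,
    # was written by the sender and proves nothing on its own.
    claimed_hosts = [trusted["from_host"]]
    claimed_hosts += [h["from_host"] for h in hops[1:]] + [h["by"] for h in hops[1:]]
    if any(_is_brand_host(h) for h in claimed_hosts) and not delivered_by_brand:
        findings.append(f"forged chain: Received headers claim {BRAND_DOMAIN} "
                        f"but the delivering host was {ip}")
    if BRAND_DOMAIN in msg.get("From", "") and not delivered_by_brand:
        findings.append(f"From: claims {BRAND_DOMAIN} but {ip} is not a known "
                        f"{BRAND_DOMAIN} sender")
    return findings


# Constructed sample messages. FORGED carries a plausible-looking internal
# newegg.com hop, but our MX took the connection from 203.0.113.45, which is
# outside the assumed brand range; GENUINE arrives from inside that range.
FORGED = """\
Received: from smtp-out.newegg.com (smtp-out.newegg.com [203.0.113.45])
 by mx.example.net with ESMTP id abc123
Received: from app01.newegg.com (app01.newegg.com [10.1.2.3])
 by smtp-out.newegg.com with ESMTP id xyz789
From: Newegg <orders@newegg.com>
To: victim@example.net
Subject: Your Newegg.com order receipt

Thank you for your order. See the attached receipt.
"""

GENUINE = FORGED.replace("[203.0.113.45]", "[192.0.2.10]")

if __name__ == "__main__":
    for label, sample in (("forged", FORGED), ("genuine", GENUINE)):
        print(label, "->", analyse(sample) or "clean")
```

The check deliberately ignores how convincing the lower hops look: a forged chain can be arbitrarily detailed, so the only facts worth trusting are the ones our own MX recorded, namely the connecting IP and the "by" name it wrote itself. Pairing this with a quarantine rule for HTML attachments that contain script would cover the attachment described in the article as well.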