Right now, only Subway customer that stay in the United Kingdom (UK) have been receiving malware emails such as scamming method and phishing attack. On the malware emails, it contains the victim’s names and it appears that the attacker gains the information from the chains Subcard loyalty scheme.
The victims of the attack will log the complaint on the malware emails where the context of the email is seeking confirmation of the order from the user on the fast-food chain/delivery and surprisingly it contains links to the malware.
The link provide in the email is surprisedly lead to a various website and it will land on the phishing website such as FreshBooks phishing page as shown below:
Some attached files that normally attackers will usually lead to a document that asking for “Enable editing” and “Enable Content” in order to modify the document itself
Even though, the firm has been acknowledged on the attack but the firm has not been said on the customer’s details that stored in their database have been compromised by the attacker.
A spokesperson of the company have been said that:
We are aware of some disruption to our email systems and understand some of our guests have received an unauthorised email.
Reference: Subway customers receive ‘malware’ emails