Malware email has been sent to Subway customers

Right now, only Subway customer that stay in the United Kingdom (UK) have been receiving malware emails such as scamming method and phishing attack. On the malware emails, it contains the victim’s names and it appears that the attacker gains the information from the chains Subcard loyalty scheme.

What happened?!

The victims of the attack will log the complaint on the malware emails where the context of the email is seeking confirmation of the order from the user on the fast-food chain/delivery and surprisingly it contains links to the malware.

Subway phishing email

Source: Twitter

The link provide in the email is surprisedly lead to a various website and it will land on the phishing website such as FreshBooks phishing page as shown below:

FreshBooks phishing landing page

Some attached files that normally attackers will usually lead to a document that asking for “Enable editing” and “Enable Content” in order to modify the document itself

Even though, the firm has been acknowledged on the attack but the firm has not been said on the customer’s details that stored in their database have been compromised by the attacker.

A spokesperson of the company have been said that:

We are aware of some disruption to our email systems and understand some of our guests have received an unauthorised email.

Reference: Subway customers receive ‘malware’ emails