Skip to main content

Phishing attack hits Pandora customers


Shoppers making purchases from specialty jewelry retailer Pandora may find an unwelcome holiday greeting in their inbox.

According to a new advisory from cybersecurity firm Comodo’s Antispam Labs team, a malware attack is specifically targeting businesses and consumers who make purchases from Pandora, which is headquartered in Denmark but conducts operations globally, including in the U.S.

The email promotes a phony extreme sale and is designed to capture credit card and financial information from business or consumers who try to make a purchase. It arrived from the sender address [email protected] with the subject line “Pandora Clearance.”

The email appears to be from a fictitious jewelry reseller advertising a Pandora jewelry sale. Pandora typically allows its official resellers to promote the sale of their products via their own store websites and through email promotions.

The Comodo Antispam Labs team identified the Pandora phishing email through IP, domain, and URL analysis.

The links provided should have pointed to, however, the target links are directed to

“Phishing emails are one of the biggest threats for technology users today, because they are abusing the trust that is built between consumers, business and brands,” said Fatih Orhan, director of technology for Comodo and the Comodo Antispam Labs. “The hackers are pretending to be from a trustworthy entity such as a business owner, an e-commerce site or a popular social network, with the intention to steal customer’s credentials and/or financial information.”

Retailers need to be aware that fraudsters are targeting their customers with scams and attacks that happen completely outside a retailer’s firewall or infrastructure. Ideally, Pandora will post a warning about this scam on its website or even email recent customers to notify them. Harried shoppers looking through volumes of email for discounts are easy prey for this type of attack, and fairly or not will likely blame the retailer if they are victimized.

This ad will auto-close in 10 seconds