National Health Anti-Fraud Association Complaint Scam Email
Outline Email purporting to be from the National Health Anti-Fraud Association (NHCAA) claims that a complaint has been made against the recipient and urges him or her to review the complaint details via an attached document.
Brief Analysis The message is not from the the NHCAA and the attachment contains malware. The supposed complaint is nothing more than a ruse employed by Internet criminals to trick recipients into running a program that will install malicious software on their computers. If you receive such a message, do not open any attachments that it may contain or click on any links in the message.
Example:
Subject: Complaint registered against you
We have received a complaint regardding transaction No: 8711322 dated
01/28/2010 in value of $ 2.871,00 representing the check issued by your
company to Fillmore Inc that was later deposited in the companies bank
account.
If you feel this is an error please review the attached complaint document
and contact us imediatly with proof to clear out this situation.
The copy of the check issued to your name is attached to this email as well
as the original complaint.
Please call at 800-2661-7711 to sort out this situation. Your email was
provided by the persson that filed the complaint.
You can also get in touch with our staff using the information on our
website.
NHCAA - National Health Anti-Fraud Association
Detailed Analysis
This email claims to be from US based organization, the National Health Care Anti-Fraud Association (NHCAA). According to the email, the NHCAA has received a complaint against the recipient about a transaction involving payment to another entity. The message urges the recipient to open an attached file that supposedly contains detailed information about the complaint.
However, the email is not from NHCAA and the supposed complaint does not exist. The message is designed to panic recipients into opening the attachment in the mistaken belief that they may be able to resolve the supposed complaint before further action is taken against them. Opening the attachment loads a Microsoft Word document that contains nothing but an embedded file that is disguised as a harmless .pdf. Clicking what appears to be a .pdf in fact launches a .exe file that will install malicious software on the user's computer.
It has come to our attention that an email with the subject line: “A complaint has been filed against you” was sent out using a false NHCAA email address. This is a fraudulent email – a scam initiated by someone NOT associated with NHCAA. NHCAA is currently investigating this issue.
This is certainly not the first time that Internet criminals have attempted to trick people into installing malware or worms via bogus complaint messages. In 2007, bogus complaint emails that pretended to be from the Federal Trade Commission were used to distribute information-stealing trojans. And in 2008, emails were being distributed that complained that the recipient was sending out virus emails and demanding that he or she open an attached log file that supposedly proved these allegations. However, this bogus "log file" actually contained malware.
Internet users should be very cautious of any unsolicited email that claims that a complaint has been directed against them. It is unlikely that any legitimate organization would contact a person named in a complaint via an unsolicited email. As in the example above, such scam emails are often characterized by poor or unusual spelling and grammar and an unnecessary sense of urgency
If you receive such an email, do not open any attachments that come with the message. Do not follow any links in the email. If in doubt, always check the veracity of such a message by contacting the named organization directly. Do not use any contact details listed in the email, as these are likely to connect directly to the criminals responsible for the bogus emails rather than the targeted organization.
