Issue 117 - August 2011 - Page 14
'Uniform Traffic Ticket' Malware Email
Email claiming to be a notification of a traffic ticket for speeding from the New York State Police urges the recipient to print out the ticket contained in an attached file and post it to the Town Court.
The message is not from police and the attachment does not contain a speeding ticket. The attachment contains malware.
Detailed analysis and references below example.
Last updated: 6th July 2011
First published: 6th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
From: Police agency
Subject: UNIFORM TRAFFIC TICKET
New York State ó Department of Motor Vehicles
UNIFORM TRAFFIC TICKET
NEW YORK STATE POLICE
Local Police Code
THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS
Time: 7:25 AM
Date of Offense: 07/02/2011
IN VIOLATION OF
NYS V AND T LAW
Description of Violation:
SPEED OVER 55 ZONE
TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117
Email incudes an attached file named "Ticket.zip"
This email, which purports to be from the New York State Police, claims that the recipient has been charged with speeding in violation of New York State law. The message advises recipients wishing to plead the case to print out a traffic ticket contained in an attached file and mail it to the Town Court at Chatam Hall.
However, the message is certainly not from New York State Police and the attachment does not contain a speeding ticket. In fact, the attachment contains a trojan that, if opened, can install itself on the userís computer. Typically, such trojans are able to contact a remote server and download further malware that can steal information from the infected computer and allow criminals to control it from afar.
In this case, the criminals responsible for the malware emails obviously hope that their message will panic people into opening the attachment without due care and attention. A great many of the people who receive one of these widely distributed emails will not have even been in New York on the date specified. Thus, at least some, fearing a major error by the police, are likely to immediately open the attachment with the intention of sending off the supposed ticket and pleading their innocence. Such simple - but often quite effective - social engineering tricks have proved very useful for scammers over many years.
Police departments are very unlikely to send people traffic violations via unsolicited emails. This tactic is similar to another current malware campaign
in which recipients are instructed to open an attached file in an email purporting to be from the IRS.
Be very cautious of any unsolicited email that claims to be from police or a government department and instructs you to open an attached file or follow a link. Such tactics are commonly used by criminals intent on distributing malware or tricking recipients into divulging personal and financial information via phishing scams
IRS 'Unable To Process Your Tax Return' Malware Email
Phishing Scams - Anti-Phishing Information
Pages in this month's issue:
- FB Security "Hacker" and "Virus" Warning
- Hoax: HIV Infected Blood In Pepsi
- Advance Fee Scam - Facebook 2011 Sweepstakes Online Lottery
- Hugh Hefner is NOT Dead - R.I.P. Hugh Hefner Facebook Virus Warning Hoax
- Wrench 3D Printing Viral Video
- Fake News Report Falsely Claims Mark Zuckerberg Arrested for Child Molestation
- Shutdown Cell Phone Virtual Kidnapping Scam Warning
- Facebook 'Virus' Warning - Girl in a Plaid Skirt
- Credit Card Overdue Malware Email
- Mobile Phone Misinformation - XALAN and #90 Hoax
- Hoax Warning: Lost Child Lure - 'New Way for Gang Members to Rape Women
- Hoax: Nadia Comaneci's Gymnast Granddaughter Viral Video
- 'Facebook Has Sent You a Message' Pharmacy Spam
- ''Uniform Traffic Ticket' Malware Email
- IRS 'Unable To Process Your Tax Return' Malware Email
- Nestle Banana Baby Food Recall Warning
- Hoax: Facebook to Start Charging This Summer - Facebook Icon Will Turn Blue
- Hoax - Nagasaki Arch Survives Both Atomic Bomb and Tsunami
- Alert From Facebook Security Team Phishing Scam
- Dollar Bills Stamped With 'NO GOD BUT ALLAH'