Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 117 - August 2011 - Page 9

Credit Card Overdue Malware Email

Issue 117 Start Menu

Previous Article            Next Article

Outline
Email claims that the recipient's credit card is overdue and that he or she should open an attached file to review a financial statement.



Brief Analysis
The email is a scam. The attached file contains a trojan. Once installed, the trojan will download a rogue computer repair program that tries to trick users into paying a fee to fix errors it has supposedly detected on the infected computer.

Bookmark and Share
Detailed analysis and references below example.



Last updated: 9th July 2011
First published: 9th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
From: Notification Robot
Subject: Your Credit Card is one week overdue


Dear Customer,

Your Credit Card is one week overdue.
Below your Card information

Customer 9535358629
Number XXXXXX
Card Limit XXXXXX
Pay Date 29 Jun 2011

The details are attached to this e-mail.
Please read the financial statement properly.

If you pay the debt within 2 days, there will be no extra-charges.
In 2 days $25 late fee and a finance charge will be imposed on your account.

Please do not reply to this email, it's automatic mail notification.

Thank you.

Message includes attached file named :"Financial_statement#97906.zip"



Detailed Analysis
This email claims that the recipient's credit card is one week overdue and that extra charges will be imposed if the debt is not settled within two days. The message urges recipients to open an attached file to read a financial statement about the supposed debt.

However, the message is certainly not from a legitimate credit card provider and the attachment does not contain a financial statement. In fact, the message is a scam designed to trick users into installing malware on their computers. The attached .zip file harbours an executable file that, if opened, will install a downloader trojan.

This trojan will in turn download and install a rogue computer repair program. The rogue software will display fake error messages that prompt the user to restart the infected computer. Once the computer is restarted, the rogue software will display the results of a bogus performance scan. The scan results will falsely claim that there are a number of serious problems with the computer that need to be repaired.

Victims are then prompted to use their credit card to pay a licence fee, supposedly so that the repair software can fix the problems detected in the "scan". Thus, victims are tricked into paying a fee for a useless program that they think will fix computer problems that did not exist in the first place. And, of course, they are also handing over their credit card details to Internet criminals.

"From" and "Subject" lines and other details in the text of the scam messages may vary from the above example. Some versions claim to be from a "Notification Robot", while others have the words "Important Information" in the email's "From" field. The name of the attached file may also vary.

No financial institution or credit card provider is ever likely to send you an unsolicited email that prompts you to open an attached file or click a link to view a financial statement. If you receive such a message, do not open any attachments that it may contain. Do not follow any links in the message, as scammers often try to trick users into visiting a bogus website that, like the attachments, harbours malware. Phishing scammers also use similar tactics to trick people into divulging personal and financial information.

Bookmark and Share References
Fake Credit Card Overdue Emails Distribute Scareware
Phishing Scams - Anti-Phishing Information



Previous Article            Next Article

Issue 117 Start Menu

Pages in this month's issue:
  1. FB Security "Hacker" and "Virus" Warning
  2. Hoax: HIV Infected Blood In Pepsi
  3. Advance Fee Scam - Facebook 2011 Sweepstakes Online Lottery
  4. Hugh Hefner is NOT Dead - R.I.P. Hugh Hefner Facebook Virus Warning Hoax
  5. Wrench 3D Printing Viral Video
  6. Fake News Report Falsely Claims Mark Zuckerberg Arrested for Child Molestation
  7. Shutdown Cell Phone Virtual Kidnapping Scam Warning
  8. Facebook 'Virus' Warning - Girl in a Plaid Skirt
  9. Credit Card Overdue Malware Email
  10. Mobile Phone Misinformation - XALAN and #90 Hoax
  11. Hoax Warning: Lost Child Lure - 'New Way for Gang Members to Rape Women
  12. Hoax: Nadia Comaneci's Gymnast Granddaughter Viral Video
  13. 'Facebook Has Sent You a Message' Pharmacy Spam
  14. ''Uniform Traffic Ticket' Malware Email
  15. IRS 'Unable To Process Your Tax Return' Malware Email
  16. Nestle Banana Baby Food Recall Warning
  17. Hoax: Facebook to Start Charging This Summer - Facebook Icon Will Turn Blue
  18. Hoax - Nagasaki Arch Survives Both Atomic Bomb and Tsunami
  19. Alert From Facebook Security Team Phishing Scam
  20. Dollar Bills Stamped With 'NO GOD BUT ALLAH'