Issue 119 - October 2011 - Page 17
'Your Credit Card is Blocked' Malware Emails
Emails purporting to be from credit card providers claim that the recipient's credit card has been blocked due to a suspicious withdrawal. The messages instruct the recipient to open an attached file to view more detailed information.
The emails are not from any credit card provider. The attachments that come with the emails contain a trojan that, once installed, can connect to a remote server and download further malware.
Detailed analysis and references below example.
Last updated: 19th September 2011
First published: 19th September 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Your credit card has been blocked
ATTENTION: Your credit card is blocked!
Your credit card was withdrawn $ 0424,57
Possibly illegal operation!
More detailed information in the attached file.
Instantly contact your bank .
Best Wishes, VISA CUSTOMER SERVICES.
Attachment name: d30261180.zip
For several months, malicious emails purporting to be from various credit card providers have been hitting inboxes. The emails claim that the recipient's credit card has been blocked because of the possibly fraudulent withdrawal of a large sum of money. The messages urge recipients to open an attachment to read more information about the supposed "illegal operation".
The messages are not from any credit card provider and the claim that the recipient's credit card account has been compromised is untrue. In fact, the attachment contains a trojan, that if installed, will connect to a malicious website and download further malware components. In many cases, the initial trojan will download a rogue antivirus program
that tries to trick victims into using their credit card to pay a software registration fee. In order to fool users into forking out for the registration fee, the fake anti-virus software will constantly display "security warning" windows listing serious virus and security issues that were supposedly found on the user's computer. The security issues listed in the warnings do not exist.
Details, such as email subject lines, the name of the credit card provider and the amount of the supposed withdrawal vary in different incarnations of the scam emails.
Criminals commonly use such ruses to distribute malware
and to trick users into submitting personal and financial information
. Your credit card provider will NEVER send you an unsolicited email about a supposed compromised account that asks you to open an attached file to review details. If you receive such a message, do not open any attachments or follow any links that it may contain. If you have any doubts about the security of your credit card account, contact your bank or card provider directly.
MasterCard spam leads to Fake AV
Credit Card Overdue Malware Email
Visa Card Violated Phishing Scam
Pages in this month's issue:
- Jordon Mills Prayer Request
- Amy Bruce Charity Hoax Revisited
- 'Australian Taxation Office 'New Rules' Malware Emails
- Bogus Facebook Virus Warning - 'Pornographic Movies Posted On Our Behalf'
- Are UK Companies Required by Law To Transfer 0800 Callers to UK Based Reps If Requested?
- Australia Post Undelivered Package Malware Emails
- Hoax: Picture of Shark Swimming in Flooded Street After Hurricane Irene
- Circulating Health Warning: Beware of Little White and Black Caterpillars
- Harly A. Andrews Prayer Request
- UEFA EURO 2012 Email Draw Advance Fee Scam
- Farmville White Gift Box Virus Warning Hoax
- Sleazy Online Dating Emails Carry Malware
- 'New Antivirus Update for Windows' Scam Email
- Western Union 'Money Transfer' Trojan Email
- Bob Katter and the 'Labor Party's Worst Nightmare' Polemic
- Hoax - Collect Bottle Caps For Free Cancer Chemotherapy Treatment
- 'Your Credit Card is Blocked' Malware Emails