Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 121 - December 2011 - Page 12

'DGTFX Virus' Email Account Phishing Scam

Issue 121 Start Menu

Previous Article            Next Article

Outline
Messages purporting to be from Yahoo, BT Internet and other email service providers claims that a DGTFX virus has been detected in the recipient's email folders and he or she must reply with account details or risk account deactivation.



Brief Analysis
The messages are not from genuine service providers. They are phishing scams designed to trick users into handing over their email account login details to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.





Last updated: 18th November 2011
First published: 18th November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: ACCOUNT NOTIFICATION!!!

Yahoo Account Info

A DGTFX Virus has been detected in your Yahoo. folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab, Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus.

User name:
Password:
Reconfirm Password:
Country:

Director of Yahoo.Inc Technical Team. Note that your password will be encrypted with 1024-bit RSA keys for your password safety.

All Yahoo.Inc User Should Reply Now !!
Thank you for your co-operation.
Yahoo Account Support
Warning Code :ID67565453

Subject: Warning.

Yahoo Account Info

Account Update


A DGTFX Virus has been detected in your BT internet mail folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab,Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus..

Username:
Password:
Date of birth:
Occupation:
Country:
After receiving the information requested you will be able to continue using your BT internet mail without hitches. Please do bear in mind that we reserve the right to close this BT internet account if this request isn't granted on time.

Thank you for your usual co-operation. We apologize for the inconvenience.

BT Logo

Sincerely,
Member Service Team.





Detailed Analysis
A series of phishing scam emails, which claim to be from Yahoo, BT Internet and other service providers, are currently being distributed by cybercriminals. The emails claim that the "DGTFX virus" has been discovered inside the recipient's email folders and that, to avoid spreading the virus to other users, he or she must reply with the account username, password and other details. The messages warn that the infected account will be terminated if the user does not provide the requested details quickly.

The messages are not from any genuine email provider and the claim that a DGTFX virus has been detected is a lie. The virus claim is designed to panic the user into complying with the request for information without due forethought. Those who fall for the ruse and send their details as requested will in fact be providing criminals with the means of hijacking their email accounts. Once they have received the account information, these criminals can login to the user's email account, lock him or her out of the account by changing the password and then use the account at will for their own nefarious purposes.

These criminals often use such hijacked accounts to launch further scam and spam campaigns. One such ruse is designed to trick contacts of the victim into sending money to online criminals. Once they have gained access to the hijacked account, the scammers will then send emails to all of the people on the account's contact list. These emails will falsely claim that the account holder is in a very difficult situation and desperately needs financial assistance. Usually, such emails claim that the account holder is stranded in another country without money or travel documents due to a robbery or lost baggage.

The scammers use technical sounding language ("DGTFX virus", "1024-bit RSA keys") in an attempt to make their false claims a little more believable. Less experienced computer users may be especially vulnerable to this tactic. They also pretty up their scam messages with logos and other graphics stolen from the websites of the service providers they are targeting.

Legitimate service providers will never send you an unsolicited email that asks you to reply with email usernames and passwords. This is a very common scam that has spawned a number of variations over recent years. Customers of several well-known service providers have been targeted, including those who use Gmail, AT&T, Hotmail, and Bigpond.

Any email that asks you to reply with sensitive information such as your username and password is sure to be a scam. Note also that some variations of the scam ask users to supply account details by following a link to a bogus website or by opening an attached file.

Bookmark and Share

References
Friend Stranded in Foreign Country Scam Emails
Gmail Account Phishing Scam
AT&T Phishing Scam
Hotmail Account Closure Phishing Scam
Bigpond Database Upgrade Phishing Scam



Previous Article            Next Article

Issue 121 Start Menu

Pages in this month's issue:
  1. Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
  2. False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
  3. Summer Chain Email - Blond Hair And Blood Shot Eyes
  4. Facebook Account Reported Phishing Scam
  5. Christmas Tree App Virus Hoax
  6. Sears Supports Reservist Employees Email Forward
  7. False Claim - Colour Photographs of Hitler Taken by American Life Photographer
  8. Budweiser Frogs Virus Hoax
  9. Phone Text Message Lottery Scams
  10. Skype TopUp Payment PayPal Phishing Scam
  11. Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
  12. 'DGTFX Virus' Email Account Phishing Scam
  13. Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
  14. False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
  15. Christmas Cards for Recovering American Soldiers
  16. Starbucks Coffee Free Gift Card Survey Scam
  17. Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
  18. Advance Fee Scam - British National Lottery Promo Programme
  19. Live Ants In The Brain Hoax
  20. Hoax - Albany Bread Poisoned by Staff
  21. PayPal 'Verify to Resolve Account Limitations' Phishing Scam
  22. Red Bull Car Adverts Money Laundering Scam
  23. Hoax - Facebook Shutting Down on March 15
  24. False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
  25. IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
  26. Abandoned Two Week Old Sydney Baby Prayer Request
  27. Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
  28. Protest Message - Dog Named 'Parrot' Shot by Police
  29. Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
  30. Apple Store Account Phishing Scam