Issue 121 - December 2011 - Page 12
'DGTFX Virus' Email Account Phishing Scam
Messages purporting to be from Yahoo, BT Internet and other email service providers claims that a DGTFX virus has been detected in the recipient's email folders and he or she must reply with account details or risk account deactivation.
The messages are not from genuine service providers. They are phishing scams designed to trick users into handing over their email account login details to Internet criminals.
Detailed analysis and references below example.
Last updated: 18th November 2011
First published: 18th November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: ACCOUNT NOTIFICATION!!!
A DGTFX Virus has been detected in your
Yahoo. folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab, Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus.
Director of Yahoo.Inc Technical Team. Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
All Yahoo.Inc User Should Reply Now !!
Thank you for your co-operation.
Yahoo Account Support
Warning Code :ID67565453
A DGTFX Virus has been detected in your BT internet mail folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab,Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus..
Date of birth:
After receiving the information requested you will be able to continue using your BT internet mail without hitches. Please do bear in mind that we reserve the right to close this BT internet account if this request isn't granted on time.
Thank you for your usual co-operation. We apologize for the inconvenience.
Member Service Team.
A series of phishing scam emails, which claim to be from Yahoo, BT Internet and other service providers, are currently being distributed by cybercriminals. The emails claim that the "DGTFX virus" has been discovered inside the recipient's email folders and that, to avoid spreading the virus to other users, he or she must reply with the account username, password and other details. The messages warn that the infected account will be terminated if the user does not provide the requested details quickly.
The messages are not from any genuine email provider and the claim that a DGTFX virus has been detected is a lie. The virus claim is designed to panic the user into complying with the request for information without due forethought. Those who fall for the ruse and send their details as requested will in fact be providing criminals with the means of hijacking their email accounts. Once they have received the account information, these criminals can login to the user's email account, lock him or her out of the account by changing the password and then use the account at will for their own nefarious purposes.
These criminals often use such hijacked accounts to launch further scam and spam campaigns. One such ruse is designed to trick contacts of the victim into sending money to online criminals. Once they have gained access to the hijacked account, the scammers will then send emails to all of the people on the account's contact list. These emails will falsely claim that the account holder is in a very difficult situation and desperately needs financial assistance. Usually, such emails claim that the account holder is stranded in another country
without money or travel documents due to a robbery or lost baggage.
The scammers use technical sounding language ("DGTFX virus", "1024-bit RSA keys") in an attempt to make their false claims a little more believable. Less experienced computer users may be especially vulnerable to this tactic. They also pretty up their scam messages with logos and other graphics stolen from the websites of the service providers they are targeting.
Legitimate service providers will never send you an unsolicited email that asks you to reply with email usernames and passwords. This is a very common scam that has spawned a number of variations over recent years. Customers of several well-known service providers have been targeted, including those who use Gmail
, and Bigpond
Any email that asks you to reply with sensitive information such as your username and password is sure to be a scam. Note also that some variations of the scam ask users to supply account details by following a link to a bogus website or by opening an attached file.
Friend Stranded in Foreign Country Scam Emails
Gmail Account Phishing Scam
AT&T Phishing Scam
Hotmail Account Closure Phishing Scam
Bigpond Database Upgrade Phishing Scam
Pages in this month's issue:
- Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
- False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
- Summer Chain Email - Blond Hair And Blood Shot Eyes
- Facebook Account Reported Phishing Scam
- Christmas Tree App Virus Hoax
- Sears Supports Reservist Employees Email Forward
- False Claim - Colour Photographs of Hitler Taken by American Life Photographer
- Budweiser Frogs Virus Hoax
- Phone Text Message Lottery Scams
- Skype TopUp Payment PayPal Phishing Scam
- Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
- 'DGTFX Virus' Email Account Phishing Scam
- Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
- False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
- Christmas Cards for Recovering American Soldiers
- Starbucks Coffee Free Gift Card Survey Scam
- Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
- Advance Fee Scam - British National Lottery Promo Programme
- Live Ants In The Brain Hoax
- Hoax - Albany Bread Poisoned by Staff
- PayPal 'Verify to Resolve Account Limitations' Phishing Scam
- Red Bull Car Adverts Money Laundering Scam
- Hoax - Facebook Shutting Down on March 15
- False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
- IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
- Abandoned Two Week Old Sydney Baby Prayer Request
- Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
- Protest Message - Dog Named 'Parrot' Shot by Police
- Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
- Apple Store Account Phishing Scam