Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 124 - February 2012 (1st Edition) - Page 7

Bogus Seattle Traffic Ticket Email Points To Malware

Issue 124 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from the Seattle Police Department claims that the recipient has been given a traffic ticket for speeding. Recipients are invited to click a link to plead their case.



Brief Analysis
The email is not from Seattle Police and the claim that the recipient has been issued with a traffic ticket is a lie. The link in the email opens a website that harbours malware.

Bookmark and Share
Detailed analysis and references below example.





Last updated: 20th January 2012
First published: 20th January 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: SEATTLE TRAFFIC TICKET

Seattle Department of Motor Vehicles
TRAFFIC TICKET
SEATTLE POLICE DEPARTMENT
THE PERSON CHARGED AS FOLLOWS

Time: 0:13 AM
Date of Offense: 28/12/2011

SPEED OVER 50 ZONE
TO PLEAD CLICK HERE AND FILL OUT THE FORM



Fingerprint: 5b30417d-f6464646




Detailed Analysis
This email, which claims to be from Seattle Police, informs recipients that they have been issued with a traffic ticket for speeding. The email instructs recipients to click a link and fill in a form if they wish to plead the traffic charge.

However, the email is certainly not from Seattle Police or the Seattle Department of Motor Vehicles. And the email is not a genuine speeding ticket notification. In fact the message is an attempt by cybercriminals to trick users into downloading malware. Those who fall for the ruse and follow the link will be taken to a malicious website that attempts, via an iFrame from a second malicious site, to run a JavaScript exploit. If the exploit is successful, it can download a malware .exe file, that once installed can then open a connection to a remote server.

The criminals responsible for this attack rely on the fact that at least a few of the people who receive the message will follow through and click the link to the malware site. Some may have really been driving in Seattle at the specified time and therefore be fooled into believing the email's claims and clicking the link. Some others, who were nowhere near Seattle at the recorded time, may click the link in the belief that they need to rectify a mistake made by police.

A very similar "traffic ticket" malware campaign was launched back in mid-2011. The earlier version claimed that recipients had been issued a Uniform Traffic Ticket for speeding in New York State. The New York version hid its malware payload in an attached file.

It is very unlikely that any police or transport department would ever issue a traffic fine via a generic and unsolicited email like the one above. Internet users should be very cautious of any unsolicited emails that claim to be from police or a government department and instructs you to open an attached file or follow a link. Criminals regularly use tactics like these to trick people into installing malware or divulging their private information.

Other versions of this malware email may specify different towns or cities as the location of the supposed offence and change other details in the text and subject line. If you receive any unsolicited email that claims that you have been issued with a traffic ticket or other driving charge, do not click any links or open any attachments that it may contain.

Bookmark and Share References
Fake Seattle traffic ticket notification leads to malware
Uniform Traffic Ticket' Malware Email



Previous Article            Next Article

Issue 124 Start Menu

Pages in this month's issue:
  1. The Tale of the Racist Airline Passenger
  2. Mechanically Separated Chicken Warning
  3. Seriously McDonald's - African Americans Pay More Hoax
  4. Hoax - Queensland Will Hold a Referendum in July For a New Constitution
  5. Another Facebook Nonsense Post - Share to Help Baby With Brain Disorder
  6. Hoax: Facebook to Start Charging This Summer - Facebook Icon Will Turn Blue
  7. Bogus Seattle Traffic Ticket Email Points To Malware
  8. Hoax Message Warns Users Not To Contact DreamWeaverGrey
  9. Hoax - Facebook Will Donate $1 Per Share to Help Sick Baby
  10. Western Union Database Update Phishing Scam
  11. Facebook 'See Who Viewed Your Profile' Scams - Rogue 'Stalker' Apps
  12. Advance Fee Scam - 'You Are on the FBI Wanted Persons List'
  13. WhatsApp 'Logo Will Turn Red' Hoax
  14. Facebook Survey Scam - Get a Costco Gift Card for Free
  15. Boy Shot By Step Dad Charity Hoax