Issue 139 - September 2012 (2ndt Edition) - Page 7
All-In-One Shopping Voucher Malware
Email claims that several British supermarket chains have collaborated to offer customers an all-in-one shopping voucher worth £30. The email asks users to click a link for more information and to download the shopping voucher.
The message is not a legitimate offer and there is no such voucher. Links in the message download a trojan to the user's computer.
Detailed analysis and references below example.
Scroll down to submit comments
Last updated: September 12, 2012
First published: September 12, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Shopping Expert TM Monthly Newsletter.
Dear Valued Customer,
Britain's supermarket chains have finally launched ALL-IN-ONE Voucher.
We are very proud to present the best deal yet for your favourite Store. Get £30 worth of spending for just £15 with this voucher. Costs you nothing, all you have to do is print it out and present on the till before paying.
It is up to you where to use it. Just choose one of the following: Tesco Metro, Tesco Express,Morrisons, Sainsbury's, Sainsbury's Local orASDA.
Restrictions: Can't be redeemed with any other offer, discount or promotion. Non-refundable; can't be changed on cash. Ask in store for more details.
Use by:12 noon, Mon 24 Sept 2012
If you are interested follow the link below to find out more and download the voucher.
Please note: If you do NOT wish to receive further emails from us, please click the link below, and you will be automatically removed from our mailing list.
Linda [Name Removed]
Shopping Expert Marketing Manager
This email, which claims to be a "Shopping Expert" Newsletter, supposedly offers recipients an all-in-one shopping voucher. According to the message, British shopping outlets Tesco, Morrisons, Sainsbury's and ASDA have joined together to offer the voucher to customers. Supposedly, the voucher can be used in any of the participating shopping outlets to receive £30 worth of spending for just £15. Recipients are instructed to click a link in the email to read more information and download the voucher for printing. A second link in the message supposedly allows recipients to opt out of receiving further such marketing emails.
However, the email is not a valid offer and users will not receive an all-in-one shopping voucher as claimed. In fact, the message is an attempt by online criminals to trick people into downloading malware to their computers. The voucher offer is the bait used to entice recipients into clicking the malicious links in the email.
Those who fall for the trick and click either of the links in the message will find that a .zip file is downloaded to their computers. The zip file contains a .exe file that, if opened, will install a trojan on the user's computer. The malicious .exe file users a double extension ( "voucher.pdf...............................................................exe") in an attempt to fool users into believing that the file is a harmless PDF. Once installed, the trojan may send information collected from the compromised computer to a remote server and download further malware components.
Be wary of any unsolicited email that claims that you can
download and print a shopping voucher or gift card by following a link or opening an attached file. This is a common scammer ruse. Similar scam attempts may claim that users can print out free airline tickets
or review information about a parcel delivery
by opening an attached file or clicking a link.
American Airlines Flight Ticket Order Malware Emails
FedEx Incorrect Delivery Address Malware Email
Pages in this issue:
- PayPal 'Refund Pending' Phishing Scam
- Tom Kenny, Voice of SpongeBob Is NOT Dead
- Facebook Post Claims Dog Saved Puppies From House Fire
- HM Revenue & Customs Income Tax Repayment Phishing Scam
- Did Samsung Pay a $1 Billion Fine to Apple in 5 Cent Coins?
- Student Finance England 'Payment Cancelled' Phishing Scam
- All-In-One Shopping Voucher Malware
- Morgan Freeman is NOT Dead
- NatWest 'Account Locked' Phishing Scam
- 'Causes' Petition Calling To End Using Dogs As Shark Bait
- Young Football Player Not Allowed to Wear Pink Gloves For Breast Cancer
- Photo Sharing Request for 'Pray For Rosalie'
- Misleading Warning about Missed Calls From +375 and +371 Numbers
- 'Catholic Charities Organization' Money Laundering Scam
- Facebook Survey Scam - Free $500 Woolworths Gift Voucher
- 'Windows Live Update' Sector Zero Virus Hoax
- Killer Piranha Attack Images
- Circulating Image Implies Heineken Supports Dog Fighting
- Another Sick Baby Hoax - Like, Comment or Share to Help Baby With Large Mass on Her Back
- ACMA 'Security Upgrade' Phishing Scam
- 'Circle of Safety' - Child Stuck in Wheel Well Photograph
- American Express 'Security Verification' Phishing Scam