Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share





Issue 86 - October 2008 - Page 3

Pages in this month's issue:
  1. Burundanga Business Card Drug Warning
  2. In-N-Out Burger Discounted Food Hoax
  3. Fraud Transactions Warning Malware Email
  4. Human Parts Factory Hoax
  5. Free Fuel Offer From Shell Hoax
  6. Virus Complaint Email Carries Malware
  7. Miley Cyrus Death Hoax
  8. Chinese Milk Contamination - Recalled Products Warning Email
  9. Poverty Reduction And Eradication Advance Fee Scam
  10. ATM Card Advance Fee Scam
  11. Internet Rumour - UNESCO Chooses Indian National Anthem as Best In The World
  12. American Airlines Loyalty Program Phishing Scam
  13. Senator Collins Oil Spill Interview - The Front Fell Off
  14. Online Quiz to Help Bihar Flood Victims
  15. Internet Access Suspended Malware Email

Issue 86 Start Menu

Previous Article            Next Article

Fraud Transactions Warning Malware Email

Summary:
Email warns that the recipient's credit card has been involved in fraudulent transactions (Full commentary below).



Status:
False

Example:(Submitted, October 2008)
Subject: Fraud Transactions

Hello there
Dear Valued Customer,

We have reasons to believe that your credit card has been involved in a number of fraudulent transactions we have spotted recently. Enclosed is the account statement with the list of transactions made with your credit card between 01.09.2008 and 03.09.2008. Please look carefully through the enclosed document; the last three of the listed transactions are the ones that we suspect to be fraudulent.

I would appreciate if you could find time to clarify this issue and confirm the transactions that you have made personally. This would help us both to have this issue resolved as quickly as possible.

Please find the Word-formatted copy of your account statement is enclosed in the archive attached to this message.

Adios
Shawn Carson
Manager of Credit Card Fraud Defense




Commentary:
According to this email, "Credit Card Fraud Defense" has detected that the recipient's credit card has been involved in a number of fraudulent transactions. The message urges the recipient to open an attached file that supposedly contains an account statement with details about the transactions.

However, the message does not originate with a credit card provider and the attached file does not contain an account statement. Instead, opening the attachment can launch a malicious computer program that installs malware on the user's computer.

Malware distributors regularly use similar tactics to fool unwary users into installing malware and trojans. By sending false information such as a warning about fraudulent credit card transactions, they hope to panic the recipient into opening the attachment without due caution. There have been a number of other malware emails that use the same basic idea. In some, the scammers may claim that the recipient's credit card has been used to purchase an item or service that he or she knows nothing about. In others, they may claim that the recipient has been caught visiting illegal websites, or been accused of other wrong doings such as distributing spam or viruses.

In all such messages, the recipient is urged to open an attachment in order to find out more information about the supposed transactions or accusations. But, alas, the attachments will harbour malware that can infect the user's computer. In many cases, once installed, the malware will download other malware components, harvest personal information from the infected computer and communicate with a remote server. It may also allow hackers to take control of the infected computer and use it to distribute even more malware or send spam messages.

Double Extension File Name 1
As well, malware distributors often use clever tricks to make the malicious attachment seem innocent thereby increasing the chances that a user will open it. In this case, the attachment is a .zip file that contains a dangerous .exe file. However, the name of the .exe file has been disguised so that it appears to have a harmless .doc (Microsoft Word) file extension. The full name of the file is actually "Statement_01.doc.exe" as shown in screenshot on the right.

Double Extension File Name 2
The file name contains a large number of spaces between the ".doc" and the ".exe". Because of the large gap in the file name, some users may not even notice the ".exe" file extension and just assume that it is a Word document as claimed in the email. And, this "double extension" ruse is especially effective if the computer is configured to "hide extensions for known file types". The screenshot to the left shows the same file with this option enabled.

To help avoid worm and malware infections, users should be very cautious of any unsolicited emails that ask them to open an attached file to check transaction records or find out more about a supposed accusation or complaint. In fact, such malware emails are not hard to recognize if the user takes the time to properly analyze the claims in the messages before opening any attachments. For example, it is extremely unlikely that a credit card provider would contact a customer about alleged fraudulent transactions via an unsolicited email, especially when the message does not specifically name either the recipient or the provider. Moreover, entities such as the FBI or the CIA will also never send accusations via unsolicited emails.

Previous Article            Next Article

Issue 86 Start Menu

Pages in this month's issue:
  1. Burundanga Business Card Drug Warning
  2. In-N-Out Burger Discounted Food Hoax
  3. Fraud Transactions Warning Malware Email
  4. Human Parts Factory Hoax
  5. Free Fuel Offer From Shell Hoax
  6. Virus Complaint Email Carries Malware
  7. Miley Cyrus Death Hoax
  8. Chinese Milk Contamination - Recalled Products Warning Email
  9. Poverty Reduction And Eradication Advance Fee Scam
  10. ATM Card Advance Fee Scam
  11. Internet Rumour - UNESCO Chooses Indian National Anthem as Best In The World
  12. American Airlines Loyalty Program Phishing Scam
  13. Senator Collins Oil Spill Interview - The Front Fell Off
  14. Online Quiz to Help Bihar Flood Victims
  15. Internet Access Suspended Malware Email