Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 98 - December 2009 - Page 10

Pages in this month's issue:
  1. False Story Claims 450 Gaza Grooms Wed Girls Under Ten in Mass Muslim Marriage
  2. Christopher or Jessica Davies Hacker Hoax Warning
  3. How to Survive a Heart Attack When Alone Hoax
  4. Hotmail Account Closure Phishing Scam
  5. Bungee Jumper Loses Head To Crocodile Video
  6. Egg Windshield Attack Robbery Warning
  7. New US Dollar Notes Preview Hoax
  8. Amazing Device From Google Hoax
  9. Scam Rumours About The Westfield Gift Card Competition on Facebook
  10. Errors in Social Security Statement Trojan Email
  11. Email Exceeded Storage Limit Phishing Scam
  12. Facebook Deleting Inactive Users Hoax

Issue 98 Start Menu

Previous Article            Next Article

Errors in Social Security Statement Trojan Email

Summary:
Email purporting to be from Social Security Administration claims that the recipient's Social Security statement may contain errors and urges him or her to click a link to review the statement (Full commentary below).



Status:
Message is a scam designed to install malware and steal information

Example:(Submitted, November 2009)
Subject: Watch for errors on Social Security statement

Due to possible calculation errors, your annual Social Security statement may contain errors. Use the link below to review your annual Social Security statement:
Review your annual Social Security statement
[Link to scam website removed]

-----------------------------

This e-mail has been sent from an auto-notification system that cannot accept incoming e-mail.




Commentary:
This email, which purports to be from "Social Security Administration", claims that the recipient's annual Social Security statement may contain errors. It urges recipients to click a link in the message in order to review a copy of the statement and look for "possible calculation errors".

However, the message is not from Social Security Administration. Instead, it is a scam email designed to harvest social security numbers and trick users into installing an information stealing computer trojan. Those who click on the link will be taken to a bogus website designed to resemble the genuine United States Social Security Online website. Visitors are first asked to enter the Social Security Number and then click a "Continue" button. They are then taken to a second look-a-like webpage where they are instructed to click another button that will supposedly generate their annual Social Security statement.

Clicking the button does not generate a statement however. Instead it downloads and installs a version of the Zbot.P trojan. Once installed on the victim's computer, the trojan can collect sensitive information such as passwords and transmit them to Internet criminals.

Social Security Administration, and other government entities such as the IRS are often used by scammers as a means of tricking people into submitting private information or downloading malware. Beware of unsolicited emails from government departments that request you to follow a link or open an attachment to provide information or review documents. Government departments are very unlikely to ask citizens to provide private personal or financial information via an unsolicited email. If you need to login to a government department's official website, be sure to do so by typing the address in your browser's address bar rather than clicking a link in an email.

Scammers have used similar tactics to target United States Social Security Administration clients a number of times in the past. Scammers also regularly target citizens of other nations via similar scam emails that falsely claim to be from government departments such as the Australian Tax Office or Canada's Department of Finance.

Bookmark and Share

References:
Zbot's Social Security 'Statement'
IRS Tax Refund Phishing Scam
Social Security Administration Phishing Scam
Australian Tax Refund Scam Email
Department of Finance Phishing Scam

Previous Article            Next Article

Issue 98 Start Menu

Pages in this month's issue:
  1. False Story Claims 450 Gaza Grooms Wed Girls Under Ten in Mass Muslim Marriage
  2. Christopher or Jessica Davies Hacker Hoax Warning
  3. How to Survive a Heart Attack When Alone Hoax
  4. Hotmail Account Closure Phishing Scam
  5. Bungee Jumper Loses Head To Crocodile Video
  6. Egg Windshield Attack Robbery Warning
  7. New US Dollar Notes Preview Hoax
  8. Amazing Device From Google Hoax
  9. Scam Rumours About The Westfield Gift Card Competition on Facebook
  10. Errors in Social Security Statement Trojan Email
  11. Email Exceeded Storage Limit Phishing Scam
  12. Facebook Deleting Inactive Users Hoax