'Homicide Suspect' Malware Email - Fake Critical Reach Alert
OutlineMessage purporting to be from community alert system Critical Reach claims that recipients can read a bulletin about a homicide suspect by opening an attached file.
© Depositphotos.com/ mybaitshop
Brief AnalysisThe email is not from Critical Reach and the attachment does not contain information about a homicide suspect. Instead, the attachment contains malware. Once installed, this malware can harvest personal information from the infected computer and make connections to remote servers operated by criminals. If you receive this bogus alert email, do not open any attachments or click any links that it contains.
Bulletin Headline: HOMICIDE SUSPECT
Sending Agency: Huntington Park Police
Sending Location: CA - Los Angeles - Huntington Park
Bulletin DateTime: 2014-03-25 @ 18:47
Bulletin Case#: 14-11154
Bulletin Author: BARILLAS #2512
Sending User #: 69470
APBnet Version: 474899
The bulletin is a pdf attachment to this email.
The Adobe Reader (from Adobe.com) will display and print the bulletin best.
You can Not reply to the bulletin by clicking on the Reply button in your email software.
Attachment: Email.zip, 7.3 KB
A bogus email that presents itself as a notification from US based community alert service Critical Reach is currently hitting inboxes. The "alert" email claims to contain an official bulletin about a homicide suspect in an attached .zip file. Huntington Park Police supposedly released the bulletin.
However, the email is not from Critical Reach and the attachment does not contain a police bulletin about a homicide suspect. Instead, the attached .zip file contains a malicious .exe file.
If run, the .exe file installs malware on the user's computer. This malware can collect personal information from the compromised computer and send it to remote servers operated by cybercriminals. It may also download and install more malware.
The 'Homicide Suspect' malware emails that I have seen so far all claim to originate from Huntington Park Police in Los Angeles. However, further incarnations of the bogus email may arrive with different details. The fake emails spoof addresses so that they appear at first glance to be genuine Critical Reach messages.
This email campaign is reminiscent of other recent malware attacks that falsely claimed that recipients had been evicted from their homes or had been summoned to appear in court.
If you receive one of these bogus alert emails, do not open any attachments or click on any links that it contains.