Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation



Payment Slip Confirmation Malware Email

Outline
Email asks recipients to confirm a supposed payment by reviewing a payment slip contained in an attached file.

Protection concept: Malware on digital background

© Depositphotos.com/ Maksim Kabakou



Brief Analysis
The email is not a reply about a payment slip. The attached file harbours an executable file that, if opened, can install malicious code on the recipient's computer.

Bookmark and Share

Examples

Re: The Payment

Dear Sir /Madam

How are you? Thanks for your e-mail, Attachment is the payment slip.

i wait your confirmation.

Best regards
Frau Eunice Meyer.


Re: Payment Slip

Dear Sir /Madam

How are you? Thanks for your e-mail, Attachment is the payment slip.
i wait your confirmation.

Best regards

Smith.


Detailed Analysis


According to this message, which presents itself as a reply to an email supposedly sent by the recipient, a payment slip can be viewed by opening an attached file. The message suggests that the sender is awaiting confirmation with regard to the supposed payment.

However, the email is not a reply to a previous message as implied and it has nothing whatsoever to do with any payment. The attachment does not contain a payment slip. Instead, it harbours executable code contained inside a .rar file.

Typically, such malware can establish connections with remote servers run by criminals, collect and transmit information harvested from the infected computer, and download further malware.

The criminals running this malware campaign hope that at least a few recipients will open the attached file with the goal of finding out more about the supposed payment.

Be wary of any unsolicited emails that ask you to open an attached file or click a link to review details of a payment or transaction that you have no knowledge of. This is a very common method of distributing malware.



Bookmark and Share

Last updated: October 28, 2013
First published: October 10, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Threat Outbreak Alert: Fake Payment Attachment Notification Email Messages on October 1, 2013
ACH Payment Canceled Malware Email
Intuit "Payroll Processing Request" Malware Email