Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









'Uniform Traffic Ticket' Malware Email

Outline
Email claiming to be a notification of a traffic ticket for speeding from the New York State Police urges the recipient to print out the ticket contained in an attached file and post it to the Town Court.

Traffic Ticket Malware

© Depositphotos.com/Nicemonkey



Brief Analysis
The message is not from police and the attachment does not contain a speeding ticket. The attachment contains malware.

Example
From: Police agency Subject: UNIFORM TRAFFIC TICKET

New York State ó Department of Motor Vehicles
UNIFORM TRAFFIC TICKET
POLICE AGENCY
NEW YORK STATE POLICE

Local Police Code

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS


Time: 7:25 AM
Date of Offense: 27/04/2013

IN VIOLATION OF
NYS V AND T LAW Description of Violation:
SPEED OVER 55 ZONE
TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117


Email incudes an attached file named "Ticket.zip"


Detailed Analysis


This email, which purports to be from the New York State Police, claims that the recipient has been charged with speeding in violation of New York State law. The message advises recipients wishing to plead the case to print out a traffic ticket contained in an attached file and mail it to the Town Court at Chatam Hall.

However, the message is certainly not from New York State Police and the attachment does not contain a speeding ticket. In fact, the attachment contains a trojan that, if opened, can install itself on the userís computer. Typically, such trojans are able to contact a remote server and download further malware that can steal information from the infected computer and allow criminals to control it from afar.

In this case, the criminals responsible for the malware emails obviously hope that their message will panic people into opening the attachment without due care and attention. A great many of the people who receive one of these widely distributed emails will not have even been in New York on the date specified. Thus, at least some, fearing a major error by the police, are likely to immediately open the attachment with the intention of sending off the supposed ticket and pleading their innocence. Such simple - but often quite effective - social engineering tricks have proved very useful for scammers over many years.

Police departments are very unlikely to send people traffic violations via unsolicited emails. This tactic is similar to another current malware campaign in which recipients are instructed to open an attached file in an email purporting to be from the IRS.

Be very cautious of any unsolicited email that claims to be from police or a government department and instructs you to open an attached file or follow a link. Such tactics are commonly used by criminals intent on distributing malware or tricking recipients into divulging personal and financial information via phishing scams.

Bookmark and Share

Last updated: May 16, 2013
First published: July 6, 2011
By Brett M. Christensen
About Hoax-Slayer

References
IRS 'Unable To Process Your Tax Return' Malware Email
Phishing Scams - Anti-Phishing Information