Debunking hoaxes and exposing scams since 2003!

Jump To: Example    Detailed Analysis   Comments   References

Fake LogMeIn Pro Payment Email Contains Malware

Jump To: Example    Detailed Analysis   Comments   References


Email purporting to be from remote computer access service provider LogMeIn thanks you for purchasing a yearly plan for 25 computers and suggests that you open an attached file to view transaction details.

Beware Malware

Brief Analysis

The email is not from LogMeIn. The Microsoft Word document attached to the email includes a malicious macro that, if enabled, can download and install further malware.



Bookmark and Share

related Links

Related Links

Identity theft is one of the fastest growing crimes in the world. Learn how to stay safe online with Hoax-Slayer's comprehensive eBook:


Subject: Your LogMeIn Pro payment has been processed!

Dear client,

Thank you for purchasing our yearly plan for LogMeIn Pro on 25 computers. Your credit card has been successfully charged.

Date : 25/2/2015
Amount : $999 ( you saved $749.75)

The transaction details can be found in the attached receipt.
Your computers will be automatically upgraded the next time you sign in.

Thank you for choosing LogMeIn!

Attachment name: 'logmein_pro_receipt.xls' or 'logmein_pro_receipt.doc'

Detailed Analysis

Email Claims You Have Purchased LogMeIn Pro For 25 Computers

This email, which claims to be from remote computer access service LogMeIn, thanks you for purchasing LogMeIn Pro for 25 computers at a cost of $999. The message advises that your credit card has been successfully charged for that amount.

It claims that transaction details can be viewed by opening an attached Microsoft Word file.

Email is Fake - Attachment Contains Malware

However, the email is certainly not from LogMeIn. If you do open the attachment, you will be prompted to enable macros, ostensibly so that the 'receipt' can be correctly displayed.

However, once macros are enabled, a malicious macro can then download and install other types of malware on your Windows based computer. Once installed, this malware can download even more malware and join the infected computer to a botnet.

Details such as the subject line and the supposed payment amount may vary in different versions of the message. Some variants may have a Microsoft Excel rather than a Microsoft Word attachment.

If you receive one of these emails, do not open any attachments or click any links that it contains. And, unless you have a specific reason for using macros, it is best to leave them disabled in Microsoft Office.

More information about macro malware threats can be viewed in this other Hoax-Slayer article.

Malware Infected Computer


Last updated: March 2, 2015
First published: March 2, 2015
By Brett M. Christensen
About Hoax-Slayer

Your LogMeIn Pro payment has been processed! - Malware
Macro Virus Threat Returns - Beware Emails With Malicious Word Attachments

More stories!

'Internet Capacity Warning' Phishing Scam
According to this email, which claims to be from the 'Support Department' at 'Information Technology Services', your internet capacity is 70% full and you therefore need to contact support to avoid problems.
Published: July 6, 2015

Kroger 'Free Coupons' Survey Scam
Message being distributed across Facebook claims that users can receive free coupons from American retailer Kroger just by sharing a message and visiting a third party website to claim their prize.
Published: June 16, 2015

Pointless Facebook Warning - Hackers Posting Insulting Messages or Sexual Content In Your Name
'Hacker' alert messages circulating on Facebook claim that, without your knowledge, hackers are posting insulting or sexual messages that appear to come from you onto your Facebook Timeline.
Published: June 3, 2015