Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

Credit Card Overdue Malware Email

Email claims that the recipient's credit card is overdue and that he or she should open an attached file to review a financial statement.

Brief Analysis
The email is a scam. The attached file contains a trojan. Once installed, the trojan will download a rogue computer repair program that tries to trick users into paying a fee to fix errors it has supposedly detected on the infected computer.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 9th July 2011
First published: 9th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

From: Notification Robot
Subject: Your Credit Card is one week overdue

Dear Customer,

Your Credit Card is one week overdue.
Below your Card information

Customer 9535358629
Card Limit XXXXXX
Pay Date 29 Jun 2011

The details are attached to this e-mail.
Please read the financial statement properly.

If you pay the debt within 2 days, there will be no extra-charges.
In 2 days $25 late fee and a finance charge will be imposed on your account.

Please do not reply to this email, it's automatic mail notification.

Thank you.

Message includes attached file named :""

Detailed Analysis
This email claims that the recipient's credit card is one week overdue and that extra charges will be imposed if the debt is not settled within two days. The message urges recipients to open an attached file to read a financial statement about the supposed debt.

However, the message is certainly not from a legitimate credit card provider and the attachment does not contain a financial statement. In fact, the message is a scam designed to trick users into installing malware on their computers. The attached .zip file harbours an executable file that, if opened, will install a downloader trojan.

This trojan will in turn download and install a rogue computer repair program. The rogue software will display fake error messages that prompt the user to restart the infected computer. Once the computer is restarted, the rogue software will display the results of a bogus performance scan. The scan results will falsely claim that there are a number of serious problems with the computer that need to be repaired.

Victims are then prompted to use their credit card to pay a licence fee, supposedly so that the repair software can fix the problems detected in the "scan". Thus, victims are tricked into paying a fee for a useless program that they think will fix computer problems that did not exist in the first place. And, of course, they are also handing over their credit card details to Internet criminals.

"From" and "Subject" lines and other details in the text of the scam messages may vary from the above example. Some versions claim to be from a "Notification Robot", while others have the words "Important Information" in the email's "From" field. The name of the attached file may also vary.

No financial institution or credit card provider is ever likely to send you an unsolicited email that prompts you to open an attached file or click a link to view a financial statement. If you receive such a message, do not open any attachments that it may contain. Do not follow any links in the message, as scammers often try to trick users into visiting a bogus website that, like the attachments, harbours malware. Phishing scammers also use similar tactics to trick people into divulging personal and financial information.

Bookmark and Share References
Fake Credit Card Overdue Emails Distribute Scareware
Phishing Scams - Anti-Phishing Information

Last updated: 9th July 2011
First published: 9th July 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer