> > >Dear Friends >I received three mails from purported from New York Police Department for >violation of traffic rule in New York. There is an attachment with the mail. >Since I was not in New York during the period mentioned in the mail, I >searched for information in the net and found that it is a Spam mail with a >malware as attachment which will harm our computer if opened. I have given the >details below and request you to ignore such mails if received. >S.V.SAI BABA > > >'Uniform Traffic Ticket' Malware EmailOutline >Email claiming to be a notification of a traffic ticket for speeding from the >New York State Police urges the recipient to print out the ticket contained in >an attached file and post it to the Town Court. > > Brief Analysis >The message is not from police and the attachment does not contain a speeding >ticket. The attachment contains malware. > > >Detailed analysis and references below example. > >Become a Hoax-Slayer Supporter > > >Scroll down to submit comments >Last updated: 6th July 2011 >First published: 6th July 2011 >Article written by Brett M. Christensen >About Brett Christensen and Hoax-Slayer > >Example >From: Police agency Subject: UNIFORM TRAFFIC TICKET > > >New York State — Department of Motor Vehicles >UNIFORM TRAFFIC TICKET >POLICE AGENCYNEW YORK STATE POLICE > >Local Police Code > > >THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS > >Time: 7:25 AM >Date of Offense: 07/02/2011 > >IN VIOLATION OF >NYS V AND T LAW Description of Violation: >SPEED OVER 55 ZONE >TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM >HALL., PO BOX 117 > >Email incudes an attached file named "Ticket.zip" > > > >Detailed Analysis >This email, which purports to be from the New York State Police, claims that >the recipient has been charged with speeding in violation of New York State >law. The message advises recipients wishing to plead the case to print out a >traffic ticket contained in an attached file and mail it to the Town Court at >Chatam Hall. > >However, the message is certainly not from New York State Police and the >attachment does not contain a speeding ticket. In fact, the attachment >contains a trojan that, if opened, can install itself on the user’s computer. >Typically, such trojans are able to contact a remote server and download >further malware that can steal information from the infected computer and >allow criminals to control it from afar. > >In this case, the criminals responsible for the malware emails obviously hope >that their message will panic people into opening the attachment without due care and attention. A great many of the people who receive one of these widely distributed emails will not have even been in New York on the date specified. Thus, at least some, fearing a major error by the police, are likely to immediately open the attachment with the intention of sending off the supposed ticket and pleading their innocence. Such simple - but often quite effective - social engineering tricks have proved very useful for scammers over many years. > >Police departments are very unlikely to send people traffic violations via >unsolicited emails. This tactic is similar to another current malware >campaign in which recipients are instructed to open an attached file in an >email purporting to be from the IRS. > >Be very cautious of any unsolicited email that claims to be from police or a government department and instructs you to open an attached file or follow a link. Such tactics are commonly used by criminals intent on distributing malware or tricking recipients into divulging personal and financial information via phishing scams. > > > >S.V.SAI BABA >Links to my Blogs >English: http://svsaibaba.blogspot.com >Tamil: http://svsbaba.blogspot.com/ > > >“Good friends are like stars.... You don't always see them, but you know they >are always there” > > > > > > >
