June 27, 2011Credit Card Overdue Notices
Here's another malware delivery email...this one in the form of an anonymous (some "Notification robot") advisory that your credit card is overdue. Do they mean "credit card payment" or what? These guys really don't know how to make a threatening collection.
The namelessness of the supposed credit card company is quite a joke. Even when a credit card company wants to hound you for a late payment, it's quite sure to spread its brand name all over the place. Moreover, unless you've specifically set up such a notification with your credit card company, it won't notify you to avoid a late charge: They'd much rather you skip the payment so they can beat you over the head with next month's statement of fees and additional accrued interest.
The full text of the email follows:
From: Notification robot
Subject: Credit Card Overdue
Credit Card Overdue
Your Credit Card is one-week overdue. Below is your Card Information
Customer Number : 3280722295
Card Limit ($): 3500
Pay Date: 27 JUN 2011
Attached is Your Credit Card Statement, if You pay the debt within 2 days, there will be no extra-charges. In 2 days $25 late fee and a finance charge will be imposed on your account.
If You have any questions, do not hesitate to contact us.
Trust me: The attachment is not a credit card statement. Nor is this any kind of phishing or extortion plot. The file, named Customer details.zip, contains a Trojan loader (Customer details.exe). If you unzip the file (and run the .exe), you have essentially unzipped your PC's pants. Its private parts won't be private anymore.Posted on June 27, 2011 at 04:45 PM