« Malware Deliveries With More Bite | Main | New Twist for FedEx Malware Delivery Email »

July 15, 2012

The traffic ticket alert email has been used before as a malware delivery vehicle (here's one). This time it's back with a little different format. The message has the following content:

Subject: Speed limit violation camera shot.

Hello, your vehicle has been identified on Eustace Alley as violating the speed limit on 6/4/2012.
Please find the camera shot of your vehicle attached to this notification.

You can comply with this Violation notification as follows: Pay the sanction and surcharge, claim you are not the driver, or contest responsibility.
Mon, 16 Jul 2012 01:53:58 +0700

[attachment:cumshot_934880.zip]

Apologies to sensitive readers about the attached file name, but that's what it is in the sample I saw.

Unlike previous campaigns of this type, there is no invocation of any government agency. Eustace Alley could be anywhere, I suppose (certainly has a London feel to it).

The antivirus software running on my machine spotted the attachment as a Trojan. I hope other recipients are equally protected. If not, and their adrenalin gets the better of them, a double click will get them good. They'd probably trade a real speeding ticket for the hassle they're going to incur.