Speeding Fine Scam downloads malware
School holidays finished up last week for most of Australia. This explains why there has been another outbreak of scam email infringement notice fines. The emails inform the user that they have committed a traffic offence, and that they have a period of time to pay the fine. The recipient is invited to view a camera image of where they committed the offence. Links are provided. Clicking on the link leads to a site that attempts to download malware onto your PC. From what we can see, the malware is most likely a CryptoLocker variant. Do not be fooled. The emails have the look of an Australian Federal Police (AFP) email, but that is as far as it goes. Delete this email.
Figure A shows the email. It does use the AFP logo. The sender of the email is “Austrlian Federal Police”. Yes, they made a typo when spoofing the email address. The subject line is “Driving Intrusion Notice”. The heading of the email is the same as the subject line in this case. The email goes on to state that you have a fine due to negligent driving. A date and time is given for the infringement. The dates are chosen to trick the recipient into clicking on the link. The line of reasoning is simple: the recipient will think “I didn’t drive on that date” and will click on the link to find out what is going on.
Apart from the typo on the email address, there are other signs this email is fake. The simplest detection method is to check the links. None of the links led back to the AFP site, or any Australian Government site. They lead to a malicious site. The grammar of the email is poor, even to the choice of subject line and heading.