Scam emails tell people they have cancer to trick them into installing a money-stealing Trojan
Sick fraudsters have put out a batch of malware-riddled hoax emails warning recipients that they may have cancer.
The scam emails purport to come from the UK National Institute for Health and Care Excellence (Nice). The emails – which arrive with the header “important blood analysis result” – ask prospective victims to download and print out “test results” from an attachment that’s likely to be laced with a bank-account-raiding Trojan.
Marks are falsely informed that Nice has sent a sample of their blood for further research. Copies of the contents of the scam emails can be found in an alert from Action Fraud.
In a statement, Sir Andrew Dillon, Nice chief executive, said:
“This malicious email is not from Nice and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
Cloud security firm AppRiver said that the infectious attachment harbours the infamous ZeuS bank-siphoning Trojan.
“The name of the file is CBC_Result_[random alphanumeric string].zip. Inside the archive is a file with a double extension made to look like a PDF file but in actuality is an executable with a PDF icon,” a blog post by AppRiver senior researcher Fred Touchette explains. ®