AppRiver have identified a new kind of e-mail scam which impersonates a communication from London City Police. Fred Touchette, Senior Security Analyst at AppRiver, has said “The fake alert is meant to raise community awareness about a supposed homicide suspect who is on the loose in London and was made to look like it was sent out by the London City Police themselves. All of the information provided in the email body is seemingly important looking, but rather vague, by design. This is to raise curiosity and to direct readers to the real target, the attachment. This is where the real details of the case are, what is this suspect’s name, what do they look like, where were they last seen, etc etc, but instead, as is the norm, the attachment actually contains malware.”
In the picture above, you can see how the email appears to be important, however also has an ambiguity to it, which is designed to trick users into opening the attachment. Few anti-virus companies are able to identify the email at this stage, meaning thousands if not millions of web users are at risk. Furthermore as scams go, this is a very convincing theme to try and engineer the intended response from a potential victim.
More information is available on scam at the AppRiver blog http://blog.appriver.com/