Nobody likes receiving a traffic ticket, but one with attached malware is a lot worse. We could get into a philosophical argument about which is truly more terrible – a traffic ticket that adds points to your license and raises your insurance rates, or malware that infiltrates your PC, insinuating itself into your most private contents and passwords. In the end they both come down to money and hassle, although at least the traffic ticket is for the good of society (you really shouldn’t be driving that fast – it’s dangerous and uses more gasoline, which is bad for the environment). However, in this case, there is no actual ticket, since it’s just a ploy to get recipients to open the email message and click on the attachment.
On October 6, Commtouch Labs started identifying a massive blast of email messages similar to the one shown here that appear to have a PDF traffic ticket attached. The colors and fonts vary among the messages, but the overall content is the same – you were caught by the New York State Police (even if you were nowhere near New York at the time). This outbreak is a continuation of the vast waves of malware outbreaks that began in early August, with themes like UPS/Fedex, “Map of Love,” hotel charge error, NACHA payments, etc.
If you look closely at the attachment, the trained eye can fairly easily make out that it is NOT a PDF; it is an executable file with a PDF icon (sneaky sneaky). And if you go so far as to analyze the attachment (or take a quick look on the handy site VirusTotal), you will see that the attached .exe file masquerading as a PDF is actually a nasty Trojan.
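As an added example (not part of the original post), here is how a mail filter could catch this disguise by reading the attachment's leading bytes instead of trusting its icon, name or declared type. The sample message, the filenames and the extension list are constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}  # illustrative, not exhaustive

def classify_payload(data: bytes) -> str:
    """Identify content from its leading bytes, not its name or icon."""
    if data[:2] == b"MZ":                                 # DOS/PE stub signature
        off = int.from_bytes(data[0x3C:0x40], "little")   # e_lfanew field
        if data[off:off + 4] == b"PE\0\0":
            return "pe-executable"
        return "dos-executable"
    if b"%PDF-" in data[:1024]:                           # readers tolerate leading junk
        return "pdf"
    return "unknown"

def suspicious_attachments(raw: bytes):
    """Return (filename, detected kind, reasons) for attachments worth blocking."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        kind = classify_payload(part.get_payload(decode=True) or b"")
        reasons = []
        if kind.endswith("executable"):
            reasons.append("executable content")
            if part.get_content_type() == "application/pdf":
                reasons.append("declared as application/pdf")
            if ".pdf" in name:
                reasons.append("name suggests PDF")
        if os.path.splitext(name)[1] in EXECUTABLE_EXTS:
            reasons.append("executable extension")
        if reasons:
            findings.append((name, kind, reasons))
    return findings

def build_sample() -> bytes:
    """Constructed message: a minimal fake PE header and a genuine PDF header."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("constructed body")
    fake_pe = b"MZ" + b"\0" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\0\0"
    msg.add_attachment(fake_pe, maintype="application", subtype="pdf",
                       filename="ticket.pdf.exe")
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application",
                       subtype="pdf", filename="real.pdf")
    return msg.as_bytes()
```

Calling `suspicious_attachments(build_sample())` flags only the constructed `ticket.pdf.exe` and leaves the genuine PDF alone.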
As usual, drive carefully, wear your seat belt, and stay aware when you open unexpected attachments, especially if you know for a fact you haven’t been speeding recently in New York.
NEW YORK STATE POLICE
Local Police Code 3618
Time: 7:25 AM
Date of Offense: 07/02/2011
IN VIOLATION OF NYS V AND T LAW
TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117