Cyren Security Blog

Twice as bad: speeding ticket with attached malware

Nobody likes receiving a traffic ticket, but one with attached malware is a lot worse. We could get into a philosophical argument about which is truly more terrible – a traffic ticket that adds points to your license and raises your insurance rates, or malware that infiltrates your PC, insinuating itself into your most private contents and passwords. In the end they both come down to money and hassle, although at least the traffic ticket is for the good of society (you really shouldn’t be driving that fast – it’s dangerous and uses more gasoline, which is bad for the environment). In this case, however, there is no actual ticket: it’s just a ploy to get recipients to open the email message and click on the attachment.

On October 6, Commtouch Labs started identifying a massive blast of email messages that appear to have a PDF traffic ticket attached. The colors and fonts vary among the messages, but the overall content is the same – you were caught by the New York State Police (even if you were nowhere near New York at the time). This outbreak is a continuation of the vast waves of malware outbreaks that began in early August, with themes like UPS/Fedex, “Map of Love,” hotel charge error, NACHA payments, etc.

If you look closely at the attachment, the trained eye can fairly easily make out that it is NOT a PDF: it is an executable file with a PDF icon (sneaky sneaky). And if you go so far as to analyze the attachment (or take a quick look on the handy site VirusTotal), you will see that the attached .exe file masquerading as a PDF is actually a nasty Trojan.
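A mail filter can make the same call without relying on the icon, by comparing what an attachment claims to be with what its first bytes say it is. The sketch below is an added example, not code from the original post; the sample message, the file names `ticket.exe` and `real.pdf`, and the verdict strings are constructed for illustration.

```python
import struct
from email import message_from_bytes, policy
from email.message import EmailMessage

def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew field points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def sniff(data: bytes) -> str:
    """Classify content by magic bytes, ignoring file name and declared MIME type."""
    if is_pe(data):
        return "pe-executable"
    if data[:5] == b"%PDF-":
        return "pdf"
    return "unknown"

def audit_attachments(raw: bytes):
    """Return (filename, declared_type, sniffed_type, verdict) for each attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        declared = part.get_content_type()
        actual = sniff(part.get_payload(decode=True) or b"")
        claims_pdf = declared == "application/pdf" or ".pdf" in name.lower()
        if actual == "pe-executable":
            verdict = "block: executable posing as PDF" if claims_pdf else "block: executable"
        elif claims_pdf and actual != "pdf":
            verdict = "review: claims PDF but content is not PDF"
        else:
            verdict = "ok"
        findings.append((name, declared, actual, verdict))
    return findings

def build_sample() -> bytes:
    """Constructed test message: a minimal inert PE header stub and a tiny genuine PDF."""
    msg = EmailMessage()
    msg["Subject"] = "UNIFORM TRAFFIC TICKET"
    msg.set_content("TO PLEAD, PRINT OUT THE ENCLOSED TICKET")
    stub = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    msg.add_attachment(stub, maintype="application", subtype="pdf", filename="ticket.exe")
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application", subtype="pdf", filename="real.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in audit_attachments(build_sample()):
        print(finding)
```

The check keys on content rather than extension, so it also catches an executable that has been renamed to end in `.pdf`.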

As usual, drive carefully, wear your seat belt, and stay aware when you open unexpected attachments, especially if you know for a fact you haven’t been speeding recently in New York.

Email text:

UNIFORM TRAFFIC TICKET (ID:90369296),


POLICE AGENCY
NEW YORK STATE POLICE
Local Police Code 3618

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS

Time: 7:25 AM
Date of Offense: 07/02/2011
IN VIOLATION OF NYS V AND T LAW


2369 Description of Violation

SPEED OVER 55 ZONE

TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117
