Fraudulent e-mails try to steal info

Posted Nov. 15, 2009, at 7:20 p.m.

OK, I know I’m going to take some heat for writing about the holiday shopping season (we’ve barely gotten through Halloween, Russ) but there’s a serious threat to your financial safety.

An alert reader passed along a persistent bit of malware from those who abuse the Internet. What appears to be an innocent message about a missed delivery is really an attempt to rip you off.

It arrives as an e-mail message claiming that DHL, an international parcel delivery service, could not get a package to you due to an error in the shipping address. The message goes on, “You may pickup [sic] the parcel at our post office personaly [sic] … The shipping label is attached to this e-mail. Please print this label to get this package at our post office.”

Suspicious? You should be. It’s nothing that DHL sent, and as the company advises on its Web site, it’s “a real virus attached to a fraudulent e-mail.”

So don’t open the attachment, don’t click on any links — in short, don’t do anything you’re asked to do.

If the errors in grammar don’t give away the fact that it’s a hoax, the confusing instructions (print a shipping label to pick something up) should make it clear. There is no package, just a vicious program thieves use to get access to your personally identifiable information and especially any financial data you may have stored.

The malicious program is designed to disable the computer’s firewall and steal banking information from the infected computer. It can do a lot more damage, including:

· Capturing all of the user’s keystrokes, revealing login names, passwords and credit card numbers.

· Downloading a malicious program that can damage the individual computer and-or the network it’s connected to.

· Installing a Trojan horse that runs in the background and allows hackers to access your computer remotely.

The malicious program is called Infostealer.Banker.C, and it’s a mean one. Clearly, Infostealer is a lot riskier than it seemed when first detected about 2½ years ago. Experts think it originated in Russia. Now known by about 100 aliases, the program has demonstrated both its malicious nature and its durability.

The same scam made the rounds last year, claiming that UPS could not deliver a package because of an address problem.

One variation of the ruse is also used to trick people who may have made Internet purchases. The “online store” sends a message asking you to print the attached letter, which supposedly contains a tracking number.

According to the Australia-based author of the Web site hoaxslayer.com, other thieves are urging Facebook users to “download a new password.” Like the other phony messages, the attachment contains the Trojan.

Read your e-mails carefully, and NEVER click on anything in an unsolicited message. Don’t open attachments or files from any source you don’t know and trust, and keep your anti-virus software up to date.

Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s membership-funded, nonprofit consumer organization. Individual and business memberships are available at modest rates. For assistance with consumer-related issues, including consumer fraud and identity theft, or for more information, write: Consumer Forum, P.O. Box 486, Brewer 04412, or e-mail contacexdir@live.com.

SEE COMMENTS →

ADVERTISEMENT | Grow your business
ADVERTISEMENT | Grow your business

Similar Articles

More in Business