Malware attack disguised as email about blocked credit card

Filed Under: Featured, Malware, Spam

Cybercriminals have spammed out emails which claim to be a warning that your credit card has been blocked, but in reality contain a malicious attachment designed to infect your computer.

Be on your guard if you receive an unexpected email claiming that your credit card is blocked.

The dangerous emails use subject lines including

Your credit card is blocked

and

Your credit card has been blocked

A typical email looks like the following:

Email

Dear Customer,
Your credit card is blocked!

Your credit card was withdrawn $ XXXX,XX
Possibly illegal operation!

More information in the attached file.

Immediately contact your bank .

Best regards, MASTERCARD.com Customer Services.

Here's another version:

Email

Dear User,
Your credit card is blocked!

With your credit card was removed $ XXXX,XX

Possibly illegal operation!
More details in the attached file.

Instantly contact your bank .

Best Wishes, MASTERCARD Customer Services.

Note that although the examples above refer to MasterCard, there are other versions which reference Visa, for instance.

The filenames and sums of money mentioned can vary from email to email, as does the wording in the message body. Presumably this was done by the cybercriminals in an attempt to avoid detection by security products.

Fortunately, the bad guys haven't succeeded - at least as far as Sophos is concerned.

Sophos products intercept the malicious emails and the attachment as Mal/RarMal-C and Troj/Bredo-IZ, protecting your Windows computer from infection.

If you receive an email claiming that your credit card has been blocked - treat it with suspicion.

If you're concerned that the email might be true, contact your bank directly (ensuring that you use a trusted point of contact - rather than believe the phone number or website offered to you by a spammed-out email!)

, , , ,

You might like

One Response to Malware attack disguised as email about blocked credit card

  1. SD8 ยท 1165 days ago

    Dumb cybercriminals, they still can't use correct grammar.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.