Computer users beware! There’s a new widely spammed-out malware attack, claiming that you have been fined for speeding in New York City.
The email, which claims to come from the New York State Department of Motor Vehicles, poses as a “Uniform Traffic Ticket” and says that you are charged with speeding at 7:25 AM on the 5th July 2011.
The message concludes that you should print out the attached ticket and send it to the court.
Well, stop right there! Because the attached file (called Ticket-O64-211.zip) contains a malicious Trojan horse, designed to download further malicious code onto your computer and compromise your security.
The truth is that although the email claims to come from an @nyc.gov email address, the details have been forged and the entire attack is designed to trick unsuspecting computer users into opening the attached file.
Sophos anti-virus products detect the malware proactively as Mal/ChepVil-A, and the ZIP file itself as Troj/Invo-Zip.
Users of other anti-virus products would be wise to check that they are protected, as this attack is being aggressively spammed out right now.
Don’t make the mistake of thinking only American computer users are at risk of attacks like this. As comments posted on Sophos’s Facebook page prove, users have been receiving these messages even when based on the other side of the world.
Even if you aren’t based in the United States, or don’t even drive a car, you may very well open the attachment out of curiosity and end up with an infected computer.
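For mail administrators, a triage check along these lines keys on the message itself rather than on the forged sender address. This is an added example, not Sophos code: the sample message, its header values and host names are constructed, and it assumes the ZIP holds an executable file.

```python
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

# Extensions treated as executable for this example (an assumption, not a full list).
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")

def constructed_sample(sender="no-reply@nyc.gov"):
    """Build a harmless stand-in for the spam described above (constructed data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Ticket.exe", b"constructed placeholder, not malware")
    msg = EmailMessage()
    msg["From"] = sender
    msg["Subject"] = "Uniform traffic ticket"
    # Verdict header as a receiving server might stamp it (constructed value).
    msg["Authentication-Results"] = "mx.example; spf=fail smtp.mailfrom=host.example"
    msg.set_content("Print out the attached ticket and send it to the court.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Ticket-O64-211.zip")
    return msg.as_bytes()

def triage(raw):
    """Return a list of findings that do not depend on the sender address."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    # Only trust this header when your own mail server added it.
    auth = (msg["Authentication-Results"] or "").lower()
    if "spf=fail" in auth or "dkim=fail" in auth:
        findings.append("auth-fail")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_content())) as z:
                # List member names only; nothing is extracted or run.
                if any(n.lower().endswith(EXECUTABLE_EXTS) for n in z.namelist()):
                    findings.append("zip-with-executable")
        except zipfile.BadZipFile:
            findings.append("zip-unreadable")
    return findings

if __name__ == "__main__":
    print(triage(constructed_sample()))
```

Changing the `sender` argument leaves the attachment finding unchanged, which is why a rule on the message content holds up where a sender blacklist does not.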
23 comments on “Uniform traffic ticket malware attack widely spammed out”
Widely spammed out is an understatement, got 3 of these in my inbox from 4:20am to 7:25am
I’ve had spam supposedly from Western Union, DHL, FED EX, speeding fines, parking fines etc. I never open it. Never. I’ve not got a car and I’m not a user of any delivery or money transfer company either. If it was a real ticket you’ll soon find out. Lol
For those who like to point out subtle errors in a scam, be advised that the speed limit in NYC is only 50 mph, not 55. It is 55 in the areas of NYS surrounding NYC (e.g., Nassau County).
The poor, broken English is also a dead giveaway. "Speed over 55 zone" and "Send it to town court." Of course, the biggest dead giveaway, other than the fact that most people who receive this have never recently driven in NYC, is the fact that you would never actually get such an email from the authorities/government.
I got to this email I live in Bulgaria and I've never been to America
I get this e-mail subject "Uniform traffic ticket" every hour, last ten days, and a message from Google Team:
<The message "Uniform traffic ticket" from no-reply 9 (firstname.lastname@example.org) contained a virus or a suspicious attachment. It was therefore not fetched from your account k……@k…..net and has been left on the server.
If you wish to write to no-reply, just click reply and send no-reply a message.
The Gmail Team >
I have put the senders address to the Blacklist on the server, but it is still coming. I do not know what to do.
I have never opened this mail message or downloaded from the mail box on the server.
Can you give me any advice?
You can't Blacklist the email address, that's a whole network of infected computers. You have blacklisted a masked email address, not the true one. The malicious e-mail is sent from a different address every time, even though the sender looks the same. If you open the e-mail, your computer will join the zombie network and send out spam, infecting other computers. Just ignore the message and you'll be good.
Thanks Iksi99, old friend ! The time has come that teachers learn from their best students 🙂
That's nothing, just helping a friend in trouble! 🙂
Be careful, though, if your computer accidentally gets infected, it can be used to launch Denial of Service attacks.
Get this spam e-mail
Don’t drive a car.
I got this the other day, which is, of course, absurd, since I've never been to New York. Your software for the Mac immediately spotted it, but I would never open anything like that anyhow.
I've received several of these emails. I never open anything that looks remotely suspicious and I would never open an attachment on one of these spams. I also get spam from, allegedly, the FBI, the Federal Reserve, every bank you can name, to quote but a few. They all get deleted without being opened. Anyone who opens one of these emails needs his/her head read! Anyone who then goes on to open an attachment, well, they shouldn't be allowed near a computer.
Mick Ames, United Kingdom
Just got this today, few min ago, 8:55 eastern time.
I'm gonna email $200.00 to be on the safe side!
why can't our government officials or police services track this down, they would if it were a threat to POTUS
I got this in my Yahoo mail today and I have been to NY last yr BUT I did not open the attachment but I did open the email. I hope I am not a part of that network now as I open the email. If I am how do I get myself out if possible???
I did do an IP search on the email and it came from (get this) M.I.T. a university (well known) in MA
I reported the whole email to yahoo as fraud and posted this page’s warning on my FB page for people not to fall for it. I hope I helped someone.
WHY do people do these things to others? They must have a miserable life and hate themselves and the world to be so evil. What goes around comes around so they will get theirs in the end.
As long as you do not open the attachment, your computer will not become infected.
While ignoring this type of malicious Email will certainly not cause you any harm, I feel this is an inadequate response. Why can't we attack the attackers?
Just got this email and opened it. I also paid the fine and sent money to a lawyer in Nigeria to help me out of the ticket. He said he was going to sue and make me millions!!!! All I had to do was send him $1500 to get the process started! I can't wait!! Gonna buy a Ferrari!
UNIFORM TRAFFIC TICKET comes from Lima, Peru, and an Australian point (today, 24 October 2011) or from Ujjain, India, to Seoul, S. Korea, to Moscow, Russia, and then to the U.S. (11 October 2011).
If it were a scam, it would not work since the return address (to which a fine might be sent) is incomplete – no city, state or zip.
OFF WITH THEIR HEADS!
Yahoo mail should be filtering this totally instead of sending it on to someone in his spam folder.
got 3 of these this morning, but my email program didn't include any attachments or images…Haven't been to NYC in over 20 yrs.
Looks like we need to all slow the hell down! 😉
What do you do if you opened it? :(((((