Court-Related Spam Emails Used to Distribute Malware

Why you should use along with
December 27th, 2013, 14:26 GMT · By Eduard Kovacs

In case you receive an email which informs you that you must appear in court at a certain date, be careful, since chances are that you’re dealing with a cybercriminal scheme.

According to Malcovery’s Gary Warner, the campaign is related to the delivery failure spam run that leverages the names of retailers such as Walmart, Costco and Best Buy.

However, in this case, the scam emails purport to come from various law firms such as Jones Day, Latham Watkins, Hogan Lovells, and McDermett Will and Emery. The fake notifications carry subject lines like “Urgent court notice,” “Notice of appearance in court” or “Hearing of your case in court.”

“Hereby you are notified that you have been scheduled to appear for your hearing that will take place in the court of Washington in January 9, 2014 at 11:00 am. Please bring all documents and witnesses relating to this case with you to Court on your hearing date,” one of the emails reads.

Another one goes something like, “This is to advise that you are required to attend the court of Washington in January 19, 2014 for the hearing of your case. Please, kindly prepare and bring the documents related to this case to Court on the date mentioned above.”

Unlike the delivery failure spam run, these emails don’t contain links pointing to malware-serving websites. Instead, they come with an attachment that hides a piece of malware.

If you come across such emails, act with caution. If the attachment is an archive file, it most likely contains malware, so delete it immediately. The sender’s email address can be easily spoofed so don’t be fooled by the legitimate-looking address.

Furthermore, keep in mind that court orders don’t come via email.

If you’re a victim of this attack, regularly scan your computer with an updated antivirus solution. Even if the threat is not detected immediately, security products should be able to spot it after a few virus definition updates – that is if the malware is not identified in the first place based on its behavior.

Managed Service Provider for the following products: Software Family | | | | | |


Comments are closed.

%d bloggers like this: