Messages purporting to be from popular email service providers claim that a DGTFX virus has been detected in the recipient’s email folders and he or she must reply with account details or risk account deactivation.
The messages are not from genuine service providers. They are phishing scams designed to trick users into handing over their email account login details to Internet criminals.
Subject: Email Update (Final Notice)
Dear MSN and Hotmail Subscriber,
A DGTFX Virus has been detected in your folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2012 version to prevent damages to our web mail log and to your important files. Click your reply tab, Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus.
* Full Name:
* User name:
* Date of Birth:
* Country Or Territory:
This back up is necessary to update and to avoid blocking of your account. If you do not respond to this message you will lose your account permanently. Thank you for your usual co-operation we apologize for the inconvenience.
Member Service Team.
* This assumes a reasonable growth rate. Microsoft respects your privacy. To learn more, please read our online Privacy Statement. For more information or for general questions regarding your e-mail account, please visit Windows Live Hotmail Help. Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA 2009 Microsoft Corporation. All rights reserved AFTER VERIFICATION,A MESSAGE WILL BE SENT TO YOU AFTER WHICH YOU ARE ADVISED TO CHANGE YOUR PASSWORD IMMEDIATELY
Subject: ACCOUNT NOTIFICATION!!!
A DGTFX Virus has been detected in your Yahoo. folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab, Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus.
Director of Yahoo.Inc Technical Team. Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
All Yahoo.Inc User Should Reply Now !!
Thank you for your co-operation.
Yahoo Account Support
Warning Code :ID67565453
A DGTFX Virus has been detected in your BT internet mail folders. Your email account has to be upgraded to our new Secured DGTFX anti-virus 2011 version to prevent damages to our web mail log and your important files. Click your reply tab,Fill the columns below and send back to us or your email account will be terminated to avoid spread of the virus..
Date of birth:
After receiving the information requested you will be able to continue using your BT internet mail without hitches. Please do bear in mind that we reserve the right to close this BT internet account if this request isn’t granted on time.
Thank you for your usual co-operation. We apologize for the inconvenience.
Member Service Team.
For several years, phishing scam emails claiming to be from Yahoo, BT Internet, Microsoft, Google, and several other service providers have been distributed by cybercriminals. The emails claim that the “DGTFX virus” has been discovered inside the recipient’s email folders and that, to avoid spreading the virus to other users, he or she must reply with the account username, password and other details. The messages warn that the infected account will be terminated if the user does not provide the requested details quickly.
The messages are not from any genuine email provider and the claim that a DGTFX virus has been detected is a lie. The virus claim is designed to panic the user into complying with the request for information without due forethought. Those who fall for the ruse and send their details as requested will in fact be providing criminals with the means of hijacking their email accounts. Once they have received the account information, these criminals can login to the user’s email account, lock him or her out of the account by changing the password, and then use the account at will for their own nefarious purposes.
These criminals often use such hijacked accounts to launch further scam and spam campaigns. One such ruse is designed to trick contacts of the victim into sending money to online criminals. Once they have gained access to the hijacked account, the scammers will then send emails to all of the people on the account’s contact list. These emails will falsely claim that the account holder is in a very difficult situation and desperately needs financial assistance. Usually, such emails claim that the account holder is stranded in another country without money or travel documents due to a robbery or lost baggage.
The scammers use technical sounding language (“DGTFX virus”, “1024-bit RSA keys”) in an attempt to make their false claims a little more believable. Less experienced computer users may be especially vulnerable to this tactic. They also pretty up their scam messages with logos and other graphics stolen from the websites of the service providers they are targeting.
Legitimate service providers will never send you an unsolicited email that asks you to reply with email usernames and passwords. This is a very common scam that has spawned a number of variations over recent years. Customers of several well-known service providers have been targeted, including those who use Gmail, AT&T, Hotmail, and Bigpond.
Any email that asks you to reply with sensitive information such as your username and password is sure to be a scam. Note also that some variations of the scam ask users to supply account details by following a link to a bogus website or by opening an attached file.
Last updated: December 16, 2016
First published: November 18, 2011
By Brett M. Christensen