Threatening “complaint” email accuses the recipient of sending emails containing viruses and instructs him or her to open an attachment supposedly containing email log files.
False – Attachment contains malware
To Whom It May Concern:I am tired of receiving messages containing malicious computer programs (viruses) from your e-mail address!!! If within 1-2 days you do not stop sending messages to my e-mail address, I will have to address this issue to the Police!… Today I received a hard copy of your data logs from my Internet service provider. The copy contains your IP address, logs of sending malicious programs and your e-mail address details…
I am sending you the copy of the document containing your data and logs of sending malicious programs as the proof of your fault!!!!!!
You must print the document containing the list of your data and logs of sending malicious programs and pass it on to your Internet service provider with, so that they could find out why the viruses are sent from your computer to my e-mail address!!!!
Ask your Internet service provider to resolve this problem!!!!
Do this now!!!
Once again!!! If you don’t stop sending the letters, I will address to the Police and file a lawsuit against you!!!
According to this threatening complaint email, the sender has been receiving virus emails that originate from the recipient’s computer and is intending to take legal action if the matter is not quickly resolved. The message demands that the recipient print out a copy of the email log and data files, supposedly contained in an email attachment, and pass them to his or her Internet Service Provider so that they can ascertain why the alleged virus emails are being sent. The sender warns that he will involve the police and file a lawsuit if the recipient does not comply with this request immediately.
However, it is the complaint email itself that actually delivers the malicious program and the claims in the message are entirely bogus. Rather than log files proving that virus emails have been sent from the recipient’s computer, the attachment actually contains malware. Opening the attachment can install a trojan that can collect sensitive information from the infected computer and communicate with a remote server.
The message is intended to trick the recipient into opening the attachment without due care and attention. Stung by the unfair accusations in the message, and fearful of the threat of impending legal action, many recipients may immediately open the attachment after reading the message. The criminals responsible for distributing such malware rely for success on provoking this natural panic reaction in their potential victims. Malware vendors have repeatedly used similar tactics in the past and are likely to continue to do so. In 2006, a bogus Mail Server Report that claimed that emails containing worms had been sent from the recipient’s computer itself contained a worm hidden in an attached file. In 2005, malicious emails were distributed that claimed that the FBI or the CIA had logged the recipient visiting illegal websites and instructed him or her to open an attached file for details. The attachment contained a variant of the Sober worm. And in 2007, a “complaint” email that falsely claimed to be from the Federal Trade Commission attempted to fool recipients into installing an information-stealing trojan hidden in an attached file.
As an Internet user, you need to remain continually vigilant against clever criminal tactics such as these. You need to be wary of any unsolicited email that contains an attached file. Even if a message is threatening or requests urgent action on your part, always take the time to properly evaluate the claims in the message before opening any attachments or clicking on any links. To mitigate the dangers posed by malware and Internet worms, users should also ensure that they operate reliable and up-to-date security software.
You can learn how to protect your computer systems from all manner of security threats quickly and cheaply. Click here for details.
Last updated: 11th September 2008
First published: 11th September 2008
By Brett M. Christensen