Threat blocked
caption

The evil-doers are stepping up their game

| In the last month or so, I have been inundated with a new type of email threat.

The Nigerian prince is so last century! The new ones take the form of a message about an unpaid traffic ticket, a bank transaction that didn't go through, an overdue bill. (I should also note that there have been similar phone attacks purporting to be an FBI agent giving me one last chance to settle up before they file a lawsuit.)

The structure is always the same: a serious-looking message header, ominous text, and an attachment of the bill, ticket, whatever that is at question. The attachment occasionally takes the form of a Word document (in which malicious macros can be embedded) but usually is a compressed (.ZIP) file.

message with attachment containing Trojan
It's easy to see how an unthinking person could be duped into opening this attachment.

Opening the attached .zip file, reveals the javascript file as the only contents.

javascript file in the attachment
Javascript file in the attachment

I've opened a number of these javascript file with a text editor to see what's inside and they are always  "minified" — that is, all the blank spaces removed and the code run together in a long string, a perfect place to hide some evil. If you were to click on such a file and run it, you might not notice anything overt, but for sure your computer would be compromised. Do not try this at home!

My Avast anti-virus always throws up alarms about these files and identifies the bad stuff in them (see top-right, where the nasty is a Trojan called Locky-L. What a Trojan does, essentially, is open a "back-door" to your computer, something you do not want (You go, Apple!).

Some of the recent scamming messages
A few of the threatening messages received recently

Note that these scammers aren't too bright. Sometimes they forget to attach the file containing the virus! At other times, they think that vulgarity will get a response (Hey, works for Trump!).

f-ing bill
Isn't that special?!

Last updated on Apr 13, 2018

Chronicles

Archives

Recent Articles