Beware “Payment/transaction notification” malware emails

Cybercriminals use many methods to trick people into installing malware.

One common method that criminals use to distribute malware is to send out fake payment notification emails.

Often, the emails claim that recipients have recently made a payment for a particular product or service and should click a link or open an attached file to read more details about the payment.

Alternatively, the emails may claim that a recent payment has failed or been rejected by a financial institution. Again, recipients are instructed to open an attachment or follow a link to access more information about the supposed failed payment.

Or, the emails may masquerade as upcoming bills for products or services and ask recipients to click a link or open an attachment to make the payment. The messages may claim that the bill is overdue and must be paid immediately to avoid penalties.

Some of these malware messages are quite crude and consist of just a few lines of text. Others are considerably more sophisticated and may feature professional formatting, the logos of the targeted company, and even secondary links that open the company’s genuine website.

An example targeting Barclays Bank notifying the victim of a “transaction”. The attachment contains malware.

But regardless of their appearance or level of sophistication, the purpose of these emails is simply to panic people into clicking links or opening attachments without due caution, and thereby installing the malware payload. Such simple social engineering tricks can be very effective.


Recipients may believe that their credit card numbers or online accounts have been used to conduct fraudulent transactions. Or, they may think that transaction or banking errors have occurred. Either way, recipients may be compelled to follow the instructions in the emails in the hope of finding out more details and dealing with the perceived problem.

The malware payloads in these emails may vary. Typically, however, once installed, such malware may download even more malware, steal information such as passwords from the compromised computer, and allow criminals to access and control the computer from afar.


Be wary of any unsolicited email that claims to contain information about a supposed payment or invoice. Of course, many companies do send payment notifications via email. Often, emailed bills will be included as attached files, usually as PDFs. But, if you do receive bills from a company via email, ensure that any messages you receive really are from the company before you open any attachments or click any links.

And, certainly, watch out for emails that discuss transactions that you know nothing about or appear to come from companies that you have not recently done business with.

If you receive such an email, do not click any links or open any attachments that it contains.

Published by
Brett Christensen