Pinterest Stumbleupon Whatsapp

It’s becoming easier to spot a scam email How to Spot a Phishing Email How to Spot a Phishing Email Catching a phishing email is tough! Scammers pose as PayPal or Amazon, trying to steal your password and credit card information, are their deception is almost perfect. We show you how to spot the fraud. Read More claiming to be from your bank, or Amazon, or even a friend. And scams from strangers are simple to spot.

Or are they?

A new email scam currently sweeping the UK (and looking set to spread to the USA, Canada, and beyond) is deceptive in its simplicity. In short, it doesn’t pretend to come from a business or institution which you’re connected to. It isn’t masquerading as a message from a friend or relative.

In fact, it’s pretty explicit in its admission that the sender has information about you. The trick here is in the presentation, and the attachment.

The Scam That Knows Where You Live

A few days ago, into my inbox popped an unusual email. It wasn’t stopped by my email-scanning tool, or highlighted as spam, and it appeared to originate from a kind-hearted individual who was trying to help me out…

Hello Christian!

I am bothering you for a very serious reason. Though you don’t know me, but I have a large ammount [sic] of data concerning you. The matter is that, most likely mistakenly, the data of your account has been sent to me.

For example, your address is:


I am a lawful citizen, so I decided to personal information may have been hacked. I pinned the file – that I received, that you could learn what info has become accessible for scammers.

Document password is – 6096

Bets wishes

Norene Liano

It’s a fascinating read, isn’t it? Here we have, at first glance, a helpful email from Norene Liano (which may be a fake name, or the name of a botnet-controlled email account), sending you some of your own personal data. They don’t want scammers to affect you.


How kind!

But if we look closely, we can see something else going on; something that identifies this as a clever scam.

Of Course, It’s a Scam!

Now, when I first received this email, I was out and about, so it was picked up by the Gmail app on my Android device. It’s clearly a scam (the whole concept of someone “sending” me my data was enough of a giveaway) — yet the fact that the email featured my actual living address was somewhat concerning.

Don't Be Fooled By This New "Helpful" Email Scam muo new email scam msg

However, research proves that there are many places in which you can find my address. The concerning part is the matching of my email address with my postal address. This suggests that an online store, bank, utility, or other business I have a consumer relationship with has been hacked.

With so many hacks occurring over the years, it’s tricky to narrow down which one, but at this stage I’m going to suggest eBay. It’s one of the few online accounts that has my address, and has been the target of some major hacks in recent years The eBay Data Breach: What You Need To Know The eBay Data Breach: What You Need To Know Read More . The security was such a mess that we once recommended abandoning the online auction store altogether 7 Security Reasons Why You Should Avoid eBay 7 Security Reasons Why You Should Avoid eBay In the last few years, eBay has been hit with seemingly endless hacks, data breaches, and security flaws, which they've struggled to deal with. Are eBay trustworthy, or should you avoid shopping with them? Read More .

Have You Been Pwned?

The origin of the address data continues to pique my interest. Some have suggested the UK electoral roll, or a charity. However, the lack of recent hacking reports around these institutions means I continue to suspect eBay.

And this means that the scam won’t be centered on the UK. Sooner or later, it’s going to hit Canada, the USA, Europe, Australia… and then everywhere else in the world.

Don't Be Fooled By This New "Helpful" Email Scam New Email Scan HIBP Blur


Whether the data has come from an eBay hack or not, you should check the website Have I Been Pwned? Use the form to input your email address and check what breaches involved your data Are Hacked Email Account Checking Tools Genuine Or A Scam? Are Hacked Email Account Checking Tools Genuine Or A Scam? Some of the email checking tools following the alleged breach of Google servers weren't as legitimate as the websites linking to them might have hoped. Read More .

If you find anything, make sure you change your passwords.

The Attachment

Now, the presence of my postal address is really a dangling carrot with which to draw me in. If you received this message from a stranger, bearing your postal address, you’d want to check what other information was leaked, wouldn’t you?

Don't Be Fooled By This New "Helpful" Email Scam muo new email scam attachment

The attachment that ships with these messages is in the DOT format, used for Microsoft Word template documents. This is a useful file type that you can use to create a standard document template — perhaps a letter — that can be reused over and over Save Word Documents as Templates for Easier Editing Save Word Documents as Templates for Easier Editing Saving an Office file as a template means that you can quickly make multiple versions from one master without accidentally overwriting it. Here's how. Read More . It’s also capable of running macros How to Protect Yourself From Microsoft Word Malware How to Protect Yourself From Microsoft Word Malware Did you know that your computer can be infected by malicious Microsoft Office documents, or that you could be duped into enabling the settings they need to infect your computer? Read More .

Macro scripts have been the cause of many security issues in the past, so much so that they’re disabled by default. Some security researchers recommend avoiding Microsoft Office entirely, due to the threat from macros.

If you opened the attachment and had Word installed on your PC, you would see a prompt to input the password stated in the email (in my case, 6096). This would then display a standard This Document is protected! screen, which demands that you enable macros. To do this, you would click the Enable Content button.

Do not do this!

This is the point at which the trap is sprung. Enabling the macro will result in you being infected with the Troj/Agent-AURH zombie malware. This is botware; the malware will communicate with its command-and-control network to await instructions. Perhaps it will coerce your computer to take part in a DDOS How Can You Protect Yourself Against a DDoS Attack? How Can You Protect Yourself Against a DDoS Attack? DDoS attacks – a method used to overburden Internet bandwidth – seem to be on the rise. We show you how you can protect yourself from a distributed denial of service attack. Read More . Or, the malware could download other malicious software to your PC — anything from worms to a data-encrypting ransomware infection Beat Scammers With These Ransomware Decryption Tools Beat Scammers With These Ransomware Decryption Tools If you've been infected by ransomware, these free decrypting tools will help you unlock and recover your lost files. Don't wait another minute! Read More is likely.

Never Open Odd Email Attachments!

By now, email scanning tools should be updated with the profile data of this scan. If not, you know what to look out for. We’d suggest that you remain vigilant with online and computer security 5 Vital Computer Security Tips You Need To Learn Today 5 Vital Computer Security Tips You Need To Learn Today It isn't enough to just want to be secure; you have to actively ensure your digital security, day in, day out. These five tips will help. Read More , and avoid opening unsolicited email attachments.

In fact, avoid all email attachments with unusual file extensions. In this age of cloud storage, there is no real reason why anyone should send a document when they can share it from the cloud.

Should you receive an email that you’re confused about, the best thing to do is leave it until you can find someone you know and trust to give you their opinion. If that person is more technologically savvy than you, even better. Don’t ask the sender for advice. They’re likely to tell you to open the attachment!

If in doubt, delete. No one is sending you money via email, so you won’t miss out on anything by ignoring it.

Have you received an email of this type? Did you open, or delete? Tell us about it in the comments.

Image Credit: wk1003mike via

Leave a Reply

Your email address will not be published. Required fields are marked *