Mark O’Neill, editor of MakeUseOf and a contributing writer to Geeks Are Sexy, said in an email to me recently following the publication of one of his GAS articles that he had received an email death threat based on his views and observations espoused in that article. So should Mark be concerned? Should he be worried that some harebrained critic has him in his sights? Well, probably not.
Mark’s experience however brought to mind a number of spam email attacks that include false warnings, including death threats, in order to deceive the recipient into falling for a scam, a phishing attack or installing malware.
A spam campaign that was active towards the end of 2007, and still continues, comes in the form of an e-mail allegedly from a private investigator hired to investigate the recipient. This is a private investigator with a heart, it seems, since the email recipient is advised that their telephone is being monitored and that it will be revealed who planned this surveillance, in a follow-up e-mail.
As a sign of good faith by the private investigator, a password-protected compressed file is attached to the message that allegedly contains a recording of the victim’s telephone conversations. In reality however, this password-protected compressed file is designed to defeat anti-malware applications running on the victim’s computer.
The file actually contains malware in the form of a Trojan horse, Trojan.Peacomm.D, which most of us know as the “Storm” Trojan. This malware is designed to gather system information and email addresses from a compromised computer. As well, this Trojan can infect legitimate system drivers, and variants can insert components into legitimate processes such as ‘Explorer.exe’ and ‘Services.exe’. (For more info regarding what Windows system processes should, and should not be running on your Windows computer see ProcessLibrary.)
Cyber criminals, being what they are, have improved upon this scheme by developing a variant of this email scam – the Hitman email. These fear-provoking emails contain a threat that the recipient will be murdered by a hired hitman. Fortunately for the intended victim, there is a way out of this predicament however; if the recipient will agree to pay a substantial sum of money to the hitman the contract will be cancelled.
These hitman emails are not a new occurrence since they have been circulating on the internet since early 2007. These frightening emails seem to be aimed primarily at a select group of professional high earners, such as doctors, lawyers, and business owners; those who are most likely to be in a position to pay the large sums of money demanded in the email.
Although there are many variations of this email, here is one example:
I want you to read this message very crefully, and keep the secret with you till further notice, You have no need of knowing who i am, where am from,till i make out a space for us to see, i have being paid $50,000.00 in adbance to terminate you with some reasons listed to me by my employer,its one i believe you call a friend,i have followed you closely for one week and three days now and have seen that you are innocent of the accusation.
Do not contact the police or F.B.I or try to send a copy of this to them, because if you do i will know, and might be pushed to do what i have being paid to do,beside this is the first time i turned out to be a betrayer in my job.
Now listen,i will arrange for us to see face to face but before that i need the amount of $80,000.00 and you will have nothing to be afraid of.I will be coming to see you in your office or home dtermine where you wish we meet,do not set any camera to cover us or set up any tape to record our conversation,my employer is in my control now,
You will need to pay $20,000.00 to the account i will provide for you, before we will set our first meeting,after you have make the first advance payment to the account,i will give you the tape that contains his request for me to terminate you, which will be enough evidence for you to take him to court(if you wish to), then the balance will be paid later.
You don’t need my phone contact for now till am assured you are ready to comply good.
Like all email scams these emails, which contain many grammatical and spelling errors, are generally sent to a large number of people within the targeted group in the expectation (usually justified), that some will respond. Compounding the issue further, the cyber criminals may try to collect personal information from the victim in an attempt at identity theft.
Keeping in mind that email scams are sent out in bulk it’s reasonable to assume, if you should receive such an email, you are not in any danger of being murdered by a hired killer. Obviously the attempt at extortion is genuine, but the threat against your life is not.
Internet security experts always advise, if you receive unsolicited email messages, you should not reply or respond in any way, but instead simply delete the message from your inbox. In the case of this particular email scam, law enforcement officials repeat that advice; that you do NOT respond.
However, in the event you receive a threatening email that includes significant personal information that is specific to you, to ensure your safety, it would be prudent to report this to your local police department.
As an added precaution, if you believe you are the victim of a potential scam visit Scambusters.org a great site that will help keep you up to date on the latest scams circulating on the internet.
From the Scambusters.org web site:
Don’t Get Scammed!
Many scammers are very cunning, so being smart is NOT enough to protect yourself. Every day smart subscribers thank us saying they would have been scammed if they didn’t subscribe to ScamBusters. Don’t take a chance. Subscribe FREE to ScamBusters, a public service and the #1 publication on internet fraud.