|Message sent by|
|Action Fraud (Action Fraud, Administrator, National)|
|Fraudsters are sending out a high volume of phishing emails to personal and business email addresses, pretending to come from various email addresses, which have been compromised.|
The subject line contains the recipient’s name, and the main body of text is as below:
I am disturbing you for a very serious reason. Although we are not familiar, but I have significant amount of individual info concerning you. The thing is that, most likely mistakenly, the data of your account has been emailed to me.
For instance, your address is:
[real home address]
I am a law-abiding citizen, so I decided to personal data may have been hacked. I attached the file – [surname].dot that I received, that you could explore what info has become obtainable for scammers. File password is – 2811
The emails include an attachment – a ‘.dot’ file usually titled with the recipient’s name.
This attachment is thought to contain the Banking Trojan Ursniff/Gozi, hidden within an image in the document. The Ursniff Banking Trojan attempts to obtain sensitive data from victims, such as banking credentials and passwords. The data is subsequently used by criminals for monetary gain.
|Having up-to-date virus protection is essential; however it will not always prevent your device(s) from becoming infected.|
Please consider the following actions:
If you have been affected by this or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visit www.actionfraud.police.uk.