About that speeding ticket – it’s a scam

One thing worse than getting a traffic ticket in the mail would be getting a traffic ticket that’s actually a phishing scam trying to download malware onto your computer.

Government employees in Seattle recently received e-mails purporting to be from the city’s Department of Motor Vehicles, telling them they had been clocked driving over the speed limit and instructing them to click a link to fill out a form, according to an alert from the Seattle police.

The link takes them to one of several recently registered domains overseas. Microsoft’s Malware Protection Center, which is investigating the scam with the Seattle PD, wrote in a blog post that one of the links went to a domain in Ukraine registered on Jan. 16.




That site contains JavaScript that tries to exploit an old vulnerability in Microsoft Data Access Components Function that was addressed by a Windows update in 2006. If the exploit is successful, it will download a worm from a .ru domain, Microsoft said.

One tip-off that the e-mail isn’t from the Seattle DMV is that the date of offense on the ticket is listed in the European style, with the day of the month first, followed by the month and year, such as 20/12/2011. Another tip-off is that Seattle, like every other municipality, doesn’t send tickets via e-mail. They still rely on the Postal Service for that. (In many places you can pay tickets online, but you still won't receive them electronically.)

All of the domains to which Microsoft has traced the phishing campaign are newly registered, “so this is a new spam campaign,” Microsoft said.

But it’s not a new trick. In August 2011, police from New York to Hawaii issued warnings about a nationwide spam campaign that purported to be “Uniform Traffic Tickets” from state police departments.

Recipients were told an attached .zip file in the e-mail was a copy of their ticket, which they were to fill out and send to a town court. The attachment contained malicious software that would install itself on the recipient’s computer if they opened it.

The social engineering trick used in these campaigns -- posing as an authoritative organization such as a human resources department, credit bureau, tax department or some other government entity -- is one of the most common phishing tactics.

Microsoft said the best ways to avoid getting hooked by phishing scams are to keep security software updated and learn to recognize phishing tactics.

 

About the Author

Kevin McCaney is editor of Defense Systems. Follow him on Twitter: @KevinMcCaney.

Reader Comments

Mon, Feb 6, 2012

Amazing (that anybody, anywhere, would actually fall for this). Then again, look at who we vote into office...
