Please see below Fraud prevention advice sent to Hillingdon police by the The National Fraud Intelligence Bureau.
The National Fraud Intelligence Bureau (NFIB) has received the first reports from victims of a new type of email containing an attachment which will, once opened, download malware onto the victim’s computer.
We are raising awareness of this type of email in order to help people to stop themselves from becoming victims.
The NFIB has recently received a high volume of reports about emails containing a piece of malware purporting to be an invoice or details of a transaction which has taken place.
This alert is disseminated because the specific wording of the email is new and convincing. It contains details of a fake order which appears to have been sent by a legitimate company (the email address of this company is “spoofed”).
The payment method is always described as having taken place by credit card, with details of a fake transaction number.
The email will state that you can find more detailed information on the purchase in the attached file, many people fall victim to opening the attachment because they can not remember placing an order and wish to find out more. Opening this attachment may infect your computer with a virus.
The telephone numbers being provided at the bottom of the email are not genuine and are often connected to people that have no knowledge of the email or that their number is being used.
An example of this email is detailed below:
Thank you for using our services!
Your order #1190618185 will be shipped on 30.08.2014
Date: August 27, 2014. 03:36pm
Payment method: Credit card
Transaction number: 43000F36A771
Please find the detailed information on your purchase in the attached file (order_2014-08-27_14-56-37_1190618185.zip)
Sales Department ******
The NFIB advises people to take the following steps to reduce the potential for falling victim to this type of virus:
- Do not click on any attachments or links within emails unless you are sure that you know who has sent them.
- If you have not recently made an order with the company specified in the email do not open the attachment.
- Check the legitimacy of the email with the company that has supposedly sent it – it is a good idea to find a telephone number for them independently from the email as the phone number provided may be fake or go straight to the suspect.
- Ensure you have up-to-date anti-virus software and perform regular scans.
- If you have opened the attachment be extra vigilant when logging on to online banking and consider having your machine checked by an expert.
If you think you have been a victim of this type of email you should report it to Action Fraud, the UK’s national fraud and cyber crime reporting centre.
If you do make a report please provide as much detail as you can about the email and any effects it has had on your computer. Additionally if your Anti-Virus software detects any issues in relation to this email please provide us with the details.
If you do become a victim of this type of crime, report it: www.actionfraud.police.uk