A wave of spam emails claiming to be traffic infringement notices has been targeting Australians. The email includes links that direct a recipient to a website which attempts to bothscam the recipient and infect their computer with malware.
Stay Smart Online is aware of some recipients being infected with ransomware from infringement notice spam. Ransomware such as Cryptolocker is a particularly malicious form of malware which has been distributed by spam targeting Australians in the past. Recent examples include fake emails purportedly from Australia Post and Energy Australia.
Traffic infringement notices have become a common approach used by scammers as they are likely to alarm a recipient into a reactive response to click the link.
If you receive such an email, do not respond or click links. You should evaluate it as spam and delete it.
Current examples of these emails features the subject ‘Infringement notice’ and an ID number. The body states that you have been caught speeding and that you will need to click a link to view the invoice. The emails also contain a link to view the photos of the alleged incident:
Both links will take you to a malicious website which attempts to scam you for your credit card details, as well as download malware to your computer.
Verifying infringement notices
Official traffic infringement notices are sent via post, not email. You can verify infringement notices by contacting the organisation issuing the notice. Phone numbers, links and contact email addresses included in spam messages are likely to be malicious, so use an alternative method to contact the organisation.
If an issuing organisation is not specifically identified in the message (as in the example above) this is an indication of a scam.
Many states also provide methods for viewing information about infringements.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.