Watch out for fake "Eviction Notice" emails carrying malware: SSO Alert Priority High
7 March 2014
Subscribers should be aware of an "Eviction Notice" email spam campaign, pretending to be from authorities such as property managers, law firms or insurance companies. The emails carry malware as an attached .exe or .zip file.
There has been a recent surge in the volume of these emails in Australia. The attached malware has also been able to avoid detection by many antivirus products.
The message content, sender and subject line may vary, but most current examples warn of eviction from your property and include malware as an attachment with a file name such as "Eviction_notice_Realty_Services.exe".
Generalised approaches, such as addressing the message “to the occupant”, without your name specified are a good indication that the messages are spam.
An example of the message is below:
From: "Eviction notice" Subject: For the Attention of Household Member"
Hereby we inform you that you will be foreclosed on your property residential and have a status of a trespasser.
Please vacate it within the period of 28 days since the date of this notice.
You have to contact our office as soon as possible to make necessary move out arrangements.
Otherwise you will be locked out from your home.
Please find the bank statement enclosed to this notice.
Real estate agency, Isabella Smith
Other known subject line examples include:
"For the Attention of Household Member" "To the attention of Occupant" "Attention Occupant" "Notice of Eviction" "Notice to move out"
The malware has been changed frequently by its creators to help it avoid detection by antivirus software.
The malware currently targets Windows operating systems.
If you open the malware attachment and your computer becomes infected, your system may become part of a botnet which can be used to spam other people with malware, download further malware to your machine, access your personal files and information, or undertake other activity such as online advertising ‘click’ fraud.
What should you do?
always be suspicious of unsolicited emails
do not click links or open attachments in these email. The best advice is to simply delete the email.
ensure your security software is up to date
if you have opened the attachment, or you think you might be affected, use your security software to run a scan of your computer. You may also choose to seek specific technical advice from your local support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.