This is a message sent via
In The Know - Surrey and Sussex. This information has been sent on
behalf of Action Fraud (National Fraud Intelligence Bureau)
(Please do not reply or
forward this email directly; please use the Reply, Share buttons at the
bottom of this message)
Message sent by
Action Fraud (Action Fraud,
Fraudsters are sending out a
high volume of phishing emails to personal and business email
addresses, pretending to come from various email addresses, which have
The subject line contains
the recipient’s name, and the main body of text is as below:
I am disturbing you for a
very serious reason. Although we are not familiar, but I have
significant amount of individual info concerning you. The thing is
that, most likely mistakenly, the data of your account has been emailed
For instance, your address
[real home address]
I am a law-abiding citizen,
so I decided to personal data may have been hacked. I attached the file
– [surname].dot that I received, that you could explore what info has
become obtainable for scammers. File password is – 2811
The emails include an
attachment – a ‘.dot’ file usually titled with the recipient’s name.
attachment is thought to contain the Banking Trojan Ursniff/Gozi, hidden
within an image in the document. The Ursniff Banking Trojan attempts to
obtain sensitive data from victims, such as banking credentials and
passwords. The data is subsequently used by criminals for monetary gain.
Having up-to-date virus
protection is essential; however it will not always prevent your
device(s) from becoming infected.
Please consider the
- Don’t click on links or
open any attachments you receive in unsolicited emails or SMS
messages: Remember that fraudsters can ‘spoof’ an email address to
make it look like one used by someone you trust. If you are
unsure, check the email header to identify the true source of
communication (you can find out how by searching the internet for
relevant advice for your email provider).
- Do not enable macros in
downloads; enabling macros will allow Trojan/malware to be
installed onto your device.
- Always install software
updates as soon as they become available. Whether you are updating
the operating system or an application, the update will often
include fixes for critical security vulnerabilities.
- Create regular backups
of your important files to an external hard drive, memory stick or
online storage provider. It is important that the device you back
up to is not connected to your computer as any malware infection
could spread to that as well.
- If you think your bank
details have been compromised, you should contact your bank immediately.
you have been affected by this or any other fraud, report it to Action
Fraud by calling 0300 123 2040, or visit www.actionfraud.police.uk.
Please use the buttons below
or click these links to Reply
this message. Do not reply or forward using your standard email