Our friends at the Vipre AV Labs recently reported spotting an increase in spam about a traffic ticket that supposedly comes from a state department in New York. The spam email says that the reader has been charged with speeding and should open the attached ticket.
The attached ticket has a .pdf attachment but really it’s a piece of malware known as a Trojan. Pretending to be a friendly file type is a common trick used by criminals to fool people into opening files that are actually malicious.
When the fake .pdf file is opened it connects to a server in the Ukraine to download and run the pusk3.exe. The pusk3.exe file will then install some nasty little beasties onto your PC including a fake AV malware.
CNN wrote an article on this traffic ticket scam in early July. But it is still getting plenty of attention and very active. This means no one is listening and the scam is still being successful. We should expect to see new versions of this scam for a while.
Anyone using an application whitelisting solution is already protected from nasty little attachments pretending to be something else. Faronics Anti-Executable prevents anything that is not allowed to run from doing so even if they dress up as a good guy.