It’s not uncommon for spam to include false warnings in order to trick the recipient into falling for a scam, a phishing attack or installing malware.
A previous spam campaign that was active towards the end of 2007 came in the form of an e-mail allegedly from a private investigator hired to investigate the recipient. This is a private investigator with a heart, it seems, since the email recipient is advised that their telephone is being monitored and that it will be revealed who planned this surveillance in a follow-up e-mail.
As a sign of good faith by the private investigator, a password-protected compressed file was attached to the message that supposedly contained a recording of the victim’s telephone conversations. In reality however, this password-protected compressed file was designed to defeat anti-malware applications running on the victim’s computer.
The file actually contained malware in the form of a Trojan horse, identified by Symantec Corporation as Trojan.Peacomm.D, which most of us know as the “Storm” Trojan. This malware is designed to gather system information and email addresses from a compromised computer. As well, this Trojan can infect legitimate system drivers, and variants can insert components into legitimate processes such as Explorer.exe and Services.exe.
Now we’re faced with a variant of this email scam, the Hitman email. These fear-provoking emails contain a threat that the recipient will be murdered by a hired Hitman. Fortunately, there is a way out of this predicament however; if the recipient will agree to pay a substantial sum of money to the Hitman the contract will be cancelled.
These Hitman emails are not a new occurrence since they were circulating on the Internet early in 2007. These frightening emails have resurfaced again in the past few months, and they seem to be aimed primarily at a select group of professional high earners, such as doctors, lawyers, and business owners, who are more likely to be in a position to pay the large sums of money demanded in the email.
Although there are many variations of this email, here is one example:
I want you to read this message very crefully, and keep the secret with you till further notice, You have no need of knowing who i am, where am from,till i make out a space for us to see, i have being paid $50,000.00 in adbance to terminate you with some reasons listed to me by my employer,its one i believe you call a friend,i have followed you closely for one week and three days now and have seen that you are innocent of the accusation,
Do not contact the police or F.B.I or try to send a copy of this to them, because if you do i will know, and might be pushed to do what i have being paid to do,beside this is the first time i turned out to be a betrayer in my job.
Now listen,i will arrange for us to see face to face but before that i need the amount of $80,000.00 and you will have nothing to be afraid of.I will be coming to see you in your office or home dtermine where you wish we meet,do not set any camera to cover us or set up any tape to record our conversation,my employer is in my control now,
You will need to pay $20,000.00 to the account i will provide for you, before we will set our first meeting,after you have make the first advance payment to the account,i will give you the tape that contains his request for me to terminate you, which will be enough evidence for you to take him to court(if you wish to), then the balance will be paid later.
You don’t need my phone contact for now till am assured you are ready to comply good.
Like all email scams these emails, which contain many grammatical and spelling errors, are generally sent to a large number of people within the targeted group in the expectation, (usually justified), that some will respond. Compounding the issue further, the cyber criminals may try to collect personal information from the victim in an attempt at identity theft.
Keeping in mind that email scams are sent out in bulk it’s reasonable to assume, if you should receive such an email, you are not in any danger of being murdered by a hired killer. Obviously the attempt at extortion is genuine, but the threat against your life is not.
Internet security experts always advise; if you receive unsolicited email messages, you should not reply or respond in any way, but instead simply delete the message from your inbox. In the case of this particular email scam law enforcement officials repeat that advice; that you not respond.
However, in the event you receive a threatening email that includes significant personal information that is specific to you, to ensure your safety, it would be prudent to report this to your local police department.
Don’t Get Scammed!
Many scammers are very cunning, so being smart is NOT enough to protect yourself. Every day smart subscribers thank us saying they would have been scammed if they didn’t subscribe to ScamBusters. Don’t take a chance. Subscribe FREE to ScamBusters, a public service and the #1 publication on Internet fraud.