14 DAY TRIAL // Over a year has passed since fake traffic ticket purporting to come from various police stations have started landing in inboxes. The versions we’ve seen so far involve an attachment that contains a piece of Trojan.
Experts from Avira have come across a variant that’s somewhat different. Instead of carrying an attachment, the notifications come with a link that allegedly points to a webpage which contains the details of the fine.
In actuality, the website in question doesn’t contain information on a speeding ticket, but a piece of obfuscated JavaScript that’s designed to redirect the victim to a Russian website via an invisible IFRAME.
The site was taken offline, but when it was active, it most likely served malware.
Since this campaign will most likely continue (with the link pointing to a different domain), users are advised to avoid these emails. Remember, fines don’t come via emails or locked computer screens.