The bogus notifications appear to come from HMRC and the Companies House

Nov 4, 2013 15:53 GMT  ·  By
Beware of malware-spreading emails that appear to come from UK government organizations
   Beware of malware-spreading emails that appear to come from UK government organizations

Experts have spotted a couple of malicious emails purporting to come from UK government organizations. The bogus notifications are being used by cybercriminals to distribute malware onto the computers of internauts, particularly ones from the United Kingdom.

According to MX Lab, one of the fake messages appears to come from HM Revenue and Customs ([email protected]) and it’s entitled “Successful Receipt of Online Submission for Reference 3649531.”

“Thank you for sending your VAT Return online. The submission for reference 3649531 was successfully received on Mon, 4 Nov 2013 01:44:27 -0600 and is being processed. Make VAT Returns is just one of the many online services we offer that can save you time and paperwork,” the fake email reads.

The second bogus notification purports to come from the Companies House ([email protected]) and it carries the subject line “New Case.”

“(CC01) Company Complaint for the above company was accepted on 11/04/2013. The submission number is GG3O7O6WJ6L0V0G. Please quote this number in any communications with Companies House. All WebFiled documents are available to view / download for 10 days after their original submission,” it reads.

In both cases, the SMTP address [email protected] is used. The file attached to the malicious emails is a zip archive that hides a Trojan.

Once it’s installed on a computer, the malware connects to a remote server and collects information on the infected system. The threat is designed to steal sensitive information from web browsers.

Most popular antivirus solutions are already capable of detecting the threat. However, to make sure that your computer doesn’t become infected, avoid opening files attached to unsolicited emails, even if they look legitimate.

It’s worth noting that we’re seeing a considerable rise in the number of malware distribution campaigns leveraging the name and reputation of UK government organizations.