Jul 12, 2011 16:22 GMT  ·  By

Scareware distributors have launched a new spam campaign that produces fake emails purporting to come from the police and containing traffic tickets.

According to security researchers from CA who intercepted the spam run, the emails bear a subject of "UNIFORM TRAFFIC TICKET #7046."

The rogue notifications purport to originate from the New York State Police and claim the recipients have exceeded the speed limit earlier this month.

"TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117," the message reads.

The attached Ticket.zip actually contains an executable file with the same name and is a malware downloader detected by CA as Win32/Chepvil.CT.

Once executed, the downloader installs a rogue application called Windows XP Fix. At first, users will be informed that they have a critical hard drive error and will be asked to restart their computers.

Following the reboot, the rogue application will start a system scan and claim to identify critical errors on the hard drive, including bad sectors, read errors, failures to respond to system commands and others.

Pressing the Fix Errors button informs users that several errors can't be fixed unless the advanced module is bought. This is obviously a scam designed to trick people into paying money for an useless application.

These scare tactics are similar to the ones used by fake antivirus products. These programs, known collectively as scareware or rogueware, are very profitable for cyber criminals and the income they generate is commonly used to finance other illegal activities.

Users are advised to always scan email attachments with a capable antivirus program, or better yet, a multi-engine service like Virus Total, before opening them. In case of infection, free applications like Malwarebytes' Anti-Malware that specialize in the removal of scareware programs, can be used.