From The Verge: Malware and Speeding Drivers
A new malware scam is posing as a speeding ticket email with a fake link that is said to load malicious code onto users’ computers. The emails, sent to at least few local residents in Tredyffrin, Pennsylvania, purport to come from the local police department. Malware emails that masquerade as something official are not rare, but these messages are fairly unique: they are said to contain accurate speeding data, including street names, speed limits, and actual driving speeds, according to the Tredyffrin Police Department, located close to Philadelphia.
It’s suspected that the data is coming from an app with permission to track phone GPS data. That could either be a legitimate app that has been compromised, or a purpose-built malicious app that was uploaded online. As anyone who has used a GPS navigator knows, location data can be used to roughly calculate your travel speed. The emails ask for payment of the speeding ticket, but no apparatus is set up to receive such fines. Instead, a link that claims to lead to a photo of the user’s license plate instead loads malware onto the user’s device.
This particular scam appears to be hyperlocal at the moment, however, it does show how these scams can progress. Like con artists, most of these scams rely on fooling users into thinking they’re from a legitimate source. By revealing data that one would think only the police could have, people are more likely to click the link and get infected.
From: Speeding Citation
To: (Accurate Email Removed)
Date: 03/11/2016 03:08 PM
Subject: [External] Notification of excess speed
First Name: (Accurate Name removed)
Last Name: (Accurate Name removed)
Notification of excess speed
Route: (Accurate Local Township Road –removed)
Date: 8 March 2016
Time: 7:55 am
Speed Limit: 40
Detected Speed: 52
The Infraction Statement contains an image of your license plate and the citation which must be paid in 5 working days.