This phishing scam poses as a charity email, delivers Ramnit banking Trojan malware

Phishing emails contain names and telephone numbers of targets.

Cybercriminals are attempting to infect people with bank data stealing Ramnit malware by using phishing emails pretending to come from a charity.

Migrant Help is a real British charity which offers support to distressed migrants arriving in the UK, but hackers are using its name in an effort to infect victims with the Ramnit banking Trojan, Action Fraud, the UK’s fraud and cybercrime centre has warned.

A phishing email with the subject ‘Thank you for choosing to donate to Migrant helpline’ is sent to the potential victim, claiming that they recently donated money to the charity.

The emails contain a fake receipt for which, as noted by My Online Security, lists the first name and second name of target as well as their actual phone number. It is not clear how the scammers obtained this information, but using the target’s real name and phone number makes the email make look more authentic.

The message contains a reference number and invites those with questions about their donation – which victims are likely to have if they’ve never given to Migrant Help – to click on a link which has been customised to contain the target’s name, in order to download a document supposedly containing more information.

Those who click on the link are taken to an online Word document which downloads the Ramnit payload onto the victim’s machine.

First appearing appeared in 2010 in the form of a self-replicating computer worm, Ramnit has evolved to become much more dangerous, reaching the point where those behind it have developed it into a banking Trojan, designed to steal bank customer login credentials for theft and fraud.

Despite being seven years old Ramnit remains dangerous, and even accounted for the largest increase in malware attacks during November last year, with the number of infections doubling since the previous month.

Advice from Action fraud on not becoming a victim of phishing scams is to not open attachments in unsolicited emails and to install the latest software security updates.

The police warning on malware distributing Migrant Help phishing email scam comes shortly after City of London police warned of a ransomware scheme targeting schools.


System Requirements

Both OsMonitor Server and Client can work on Windows XP, Windows Server 2003/08/12/2016, Windows 7, Windows 8/8.1, Windows 10. Include 32 bit and 64 bit.

Customer Review

We are now using your monitoring software, OsMonitor. It is a great software, we are able to block non-business website, monitor activities of our users, website visited and even snap shots. Majority of our need is provided by your software.