Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned of
an email scam that poses as a message from a fund manager at
Fidelity Investments who has secretly extracted money from the
company.
The emails, which pretend to come from someone calling himself
William Smith at the USA's largest mutual fund company, claim that
the sender has "secretly extracted excess maximum return capital"
from one of Fidelity's funds. They go on to claim that the fund
manager has already made $22.4 million, and is looking for someone
else to assist in the crime.
Sophos researchers believe that the emails are a variant of the
commonly-encountered "Letter from Nigeria" scams, also known as 419
Advanced Fee Fraud, that fool innocent users into believing that a
large amount of money will be transferred into their bank account,
but are really designed to steal information about the user's
identity and bank account, or demand a "handling fee" for the money
transfer.
The scam claims to come from a Fidelity
Investments fund manager.
"Email scammers are attempting to fleece the unwary out of
money, and it is the naive who are most at risk of ending up
penniless," said Graham Cluley, senior
technology consultant for Sophos. "This scam contains spelling
mistakes and typos, but even if the scammer had done a better job
at presenting himself professionally people need to learn that
there is no such thing as a free lunch. If an unsolicited email
makes extravagant promises then computer users should be extremely
cautious."
Fidelity Investments, which is headquartered in Boston,
Massachusetts, is said to be working with the authorities to
investigate the source of the emails.
"It's important to realise that Fidelity Investments have done
nothing wrong. They are just the unfortunate victim of their own
success. The scammers have chosen to pose as them because Fidelity
is a well known and highly-regarded name, and they hope it will
encourage victims to pursue the dodgy business opportunity,"
continued Cluley.
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated
solution at the email gateway to defend against viruses,
spyware and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.