Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of an email scam that pretends to be notification of a lottery win from Coca-Cola.
The emails, which have the subject line "COCA COLA PROMOTION", have been spammed out to internet users claiming that the recipient has won $2.5 million in a lottery held by Coca-Cola earlier this month. The email recipient is told they are one of only 50 lucky winners around the world who were selected randomly after computers found their email address on internet websites.
To collect their winnings, people are told to call, phone or fax an agent who claims to be working on behalf of the soft drinks giant.
However, Sophos warns computer users that this is a ruse to steal personal details, and that the fraudsters behind the scam campaign can use such information to steal money from bank accounts and commit identity fraud.
The email claims that the recipient has won a Coca Cola lottery.
Part of the email reads as follows:
We happily announce to you the draw of the coca cola International promootion programs held on the 9th of June 2006 in The United Kingdom. Your e-mail address attached to ticket number: 564 75600545-188 with serial number 5388/02 drew the lucky numbers: 31-6-26-13-35-7, which subsequently won you the Promotion in the 2nd category.
You have therefore been approved to claim a total sum of US$2,500,000.00 (Two million, five hundred thousand, United States Dollars) in cash credited to file RPC/9080118308/04 made available from a total cash prize of US $125 Million dollars, shared amongst the first Fifty (50) lucky winners in this category.
"These emails are not coming from Coca-Cola, and there is no lottery waiting to give you millions of dollars for nothing. Scammers who send emails like this are only interested in stealing your identity, and using that information to empty your bank account and use other tricks to fatten their wallets," said Graham Cluley, senior technology consultant for Sophos. "Email users should always be suspicious of communications like this, as it's a common trick used by organized criminals."
This email con-trick is the latest of many 419 scams. These scams are named after the relevant section of the Nigerian penal code where many of the scams originated and are unsolicited emails where the author offers a large amount of money. Once a victim has been drawn in, requests are made from the fraudster for private information which may lead to requests for money, stolen identities, and financial theft.
Other examples of 419 email scams include a message claiming to come from a Scottish MP, an associate of the massacred Nepalese royal family, and even an African astronaut stranded on the Mir space station.
Sophos recommends companies automatically update their corporate email protection to defend their users against the threats posed by spam, phishing, and malicious content.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.