Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have warned
internet users of a new email scam that pretends to be a lottery
notification from charity Oxfam.
The emails claims that the recipient has won £850,000 in a
lottery run by the international aid relief organization, and asks
for the claimant to reply to get details on how the winnings will
be transferred.
The scam lottery emails claim to come from
Oxfam.
Part of the email, which has the subject line "Oxfam
Grant/Donation Award 2008!!!!!!!", reads as follows:
These funds are freely given to you for your Business,
Economic and Educational Development, as well as the enhancement of
the overall standard of living of the less previledged people in
your region.Your Email was selected from your country's chambers of
commerce and you have been confirmed as one of The lucky recipients
of this year's donation programme. You are also entitled to the sum
of EIGHT HUNDRED AND FIFTY THOUSAND POUNDS STERLING (£850,000.00)
as charity donations/aid from the Oxfam GB (UK) International
donation scheme.
"Oxfam is one of the world's most respected aid agencies,
fighting famine around the globe. But the sick people behind this
scam don't seem to have any qualms about bringing the charity's
name into disrepute," said Graham Cluley, senior
technology consultant for Sophos. "Of course, Oxfam is not
responsible for the email and internet users need to learn that any
unsolicited lottery win email arriving in their inbox is likely to
be sent by a conman, not a charity worker. Replying to the email
risks putting your financial well-being in danger."
The scam email tells recipients to contact a live.com email
address, and also lists a UK 070 personal phone number for people
who wish to make contact via telephone. Last year Sophos revealed that
070 telephone numbers are frequently used by lottery scammers who
can redirect calls using the system to any phone number in the
world.
"Email lottery scams are abusing 070 telephone numbers to steal
money and confidential information," continued Cluley. "By
redirecting the number overseas, criminals can fool victims into
believing they are speaking to a legitimate agency rather than a
bunch of identity crooks focused on raiding bank accounts."
In January Sophos published
its annual Security Threat Report, which detailed the different
ways in which cybercriminals attempt to steal cash and identities
across the internet.
Sophos recommends that all organisations protect themselves with
a consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and
viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.