IT security firm Sophos has warned internet users of a new
series of widely-distributed email campaigns that pretends that the
recipient has won a substantial cash prize and a new BMW car, in an
attempt to steal confidential information and money.
The emails state that recipients have won a BMW lottery and is
entitled to 950,000 EUR and a brand new BMW 5 Series car. It
advises recipients to contact the claims department and provides a
fake corporate address, email address and telephone number, to
enhance the legitimacy of the message.
The email claims that the recipient has won a
prize in a BMW lottery.
Sophos researchers believe that the emails are a variant of the
commonly-encountered "Letter from Nigeria" scams, also known as 419
Advanced Fee Fraud, that fool innocent users into believing that
large amounts of money will be transferred into their bank
accounts, but are really designed to steal bank account information
or demand a "handling fee" for the money transfer. Sophos notes
that this is not the first time a major car manufacturer has been
used in an email scam - earlier in 2006, emails purporting to be
from the Volkswagen lottery were spammed out to computer users
"Few people would say no to a free BMW, or a huge wad of cash
for that matter, which is precisely why these lottery scams are
proving so successful," said Carole Theriault, senior
security consultant at Sophos. "There's little that BMW can do to
prevent its name being used in this manner, and email users that
take the bait risk handing over their personal details to
fraudsters. The only way to stop the distribution of these messages
is for users to stop responding."
Sophos continues to recommend that all organizations protect
their email with an integrated security
solution to thwart spam, spyware and malware threats.