Menu Search Hoax-Slayer

MALWARE - 'Suspicion of Cancer' Blood Test Results Email

Outline
Email purporting to be from the UK's National Institute for Health and Care Excellence (NICE) claims that an analysis of the recipient's blood has revealed a low level of white blood cells that could indicate cancer. The message urges the recipient to print out test results contained in an attached file to give to his or her doctor.


Brief Analysis
The email is not from NICE and the attachment does not contain test results. Instead, it is a nasty scam designed to scare people into opening an attached file. The attachment contains malware that can steal passwords and other sensitive material from infected computers. If you receive this email, do not open any attachments or click any links that it contains.


Example

Dear [email address removed]
We have been sent a sample of your blood analysis for further research.
During the complete blood count (CBC) we have revealed that white blood cells is very low, and unfortunately we have a suspicion of a cancer.
Wite Blood cells 1200 Low
Hemoglobin 12 Normal
Platelets 19000 Low

We suggest you to print out your CBC test results and interpretations in attachment below and visit your family doctor as soon as possible
Sincerely,

Dr. Avery Ernie

Blood Test Results Malware



Detailed Analysis
According to this email, blood test results suggest that the recipient may have cancer. The message purports to be from the UK's National Institute for Health and Care Excellence (NICE). It claims that a complete blood count (CBC) of a blood sample sent to NICE has been analysed and a very low level of white blood cells was discovered. Doctors therefore have a 'suspicion of cancer', states the email.


The recipient is urged to print out CBC results contained in an attached file and show them to his or her doctor as soon as possible.

However, the email is not from NICE or from any other medical entity and the supposed test results are bogus. The attachment does not contain test results. Instead, it harbours an information-stealing trojan.

This nasty and underhand criminal tactic is designed to panic people into opening the attached file without due forethought. The email is professionally presented and may at first seem like a legitimate NICE message. People with existing health issues or those awaiting blood test results may be especially vulnerable to this tactic.

Recipients who open the attached .zip file as instructed will find that it contains a .exe file disguised via a double file extension to look like a harmless .pdf. Opening the .exe file can install a trojan that can harvest passwords and other sensitive data from the infected computer and relay it back to online criminals.

NICE has published the following warning about the scam on its website:

NICE is aware that a spam email is being sent to members of the public regarding cancer test results. Please be assured that this email is not from NICE and we are currently investigating its origin.

If you have received the email, do not open the attachments.
Of course, no legitimate medical institution is ever likely to inform people that they may have cancer via an unsolicited and impersonal email. However, criminals regularly use such 'shock' tactics to panic people into opening attached files or following links to malicious websites. In another current campaign, criminals are sending out bogus notices inviting recipients to attend the funeral of a friend. Others claim that recipients have been evicted from their home or must appear in court on a specified date. Again, the bogus emails contain malware in attached files.

Be very cautious of opening attachments or clicking links in unsolicited emails even if they appear to come from a legitimate source.


Last updated: March 14, 2014
First published: March 14, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Cybercriminals Tell Users They Might Have Cancer to Trick Them into Installing Malware
NICE
Bogus Funeral Notification Emails Point to Malware
Eviction Notice Malware Email
'Notice to Appear in Court' Malware Emails

© Brett M.Christensen, 2014. All Rights Reserved.


Go to Desktop Version