A Philadelphia-area police department is warning locals about fake emails sent in its name to try and get people to install malware. The clever part: the emails contain accurate speeding data, targeting drivers whose GPS data is leaked to the scammers by shady apps.
It’s suspected that the data is coming from an app with permission to track phone GPS data. That could either be a legitimate app that has been compromised, or a purpose-built malicious app that was uploaded online. As anyone who has used a GPS navigator knows, location data can be used to roughly calculate your travel speed. The emails ask for payment of the speeding ticket, but no apparatus is set up to receive such fines. Instead, a link that claims to lead to a photo of the user’s license plate instead loads malware onto the user’s device. This particular scam appears to be hyperlocal at the moment, however, it does show how these scams can progress. Like con artists, most of these scams rely on fooling users into thinking they’re from a legitimate source.
An example email:
From: Speeding Citation
To: (Accurate Email Removed)
Date: 03/11/2016 03:08 PM
Subject: [External] Notification of excess speed
First Name: (Accurate Name removed)
Last Name: (Accurate Name removed)
Notification of excess speed
Route: (Accurate Local Township Road –removed)
Date: 8 March 2016
Time: 7:55 am
Speed Limit: 40
Detected Speed: 52
The Infraction Statement contains an image of your license plate and the citation which must be paid in 5 working days.