Security news
Security news8 December 2005
Bogus Diana Memorial Foundation scam email attempts to steal money from the unwary
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users of a spam campaign which pretends that the recipient has won a charitable grant from a global humanitarian organization set up to create a living memorial to the late Diana, Princess of Wales.
The messages claim that recipients have been randomly selected to receive £2,598,000.00. The emails say that to receive the grant they must make contact with the organization, who will reply with further instructions. However, the emails, which say they come from the "Diana Memorial Foundation", are not connected with the genuine Diana Memorial Fund.
Sophos researchers believe that the emails are a variant of the commonly-encountered "Letter from Nigeria" scams, also known as 419 Advanced Fee Fraud, that fool innocent users into believing that a large amount of money will be transferred into their bank account, but are really designed to steal information about the user's bank account or demand a "handling fee" for the money transfer.
The scammers are sending out bogus emails claiming that over £2.5 million has been granted.
"This email scam campaign is abusing the memory of one of the world's most famous women in its attempt to steal money from the unwary. Everyone should be suspicious if they are unexpectedly told they are about to receive a fortune," said Graham Cluley, senior technology consultant for Sophos. "Alarm bells should instantly ring when recipients see that they have to contact the supposedly legitimate organization via a Yahoo email address, but some may find the promise of riches makes them blind to the danger."
Interestingly, Sophos experts note that the email refers to the name of a genuine employee of the real Diana Memorial Fund inside the message.
"Using the name of a genuine employee of the Diana Memorial Fund in the email may be an attempt to give the message greater credibility for anyone who searches for more information on the web," continued Cluley. "However, the address given in the email is not that of the real charity whose website can be found at www.theworkcontinues.org."
Sophos reminds users to be wary of unsolicited emails, and has published information about how individuals can learn how to protect themselves against this and other online scams.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
