30 April 2015

Traffic infringement notice scam

| Canfan
Join the conversation
13

The Australian Federal Police has taken to Facebook to warn users of a recent traffic infringement notice scam.

According to the AFP, scammers claiming to be police are asking people to pay traffic infringement notices via email (see image below). This is a scam.

Do not pay any money and do not click any attachments or links. Delete the email immediately and consider running a virus scan of your computer in case the email is infected with a virus.

UPDATE FROM ACT POLICING (30 APRIL 2015)

It would appear that the scam alert we issued earlier in the week regarding email traffic infringement notices from the Australian Federal Police has morphed into a new scam.

The original scam outline is still in place about an unpaid fine, but the scammers have now changed it to ‘driving intrusion information’ issued by the ‘Commonwealth of Australia’.

Don’t be scammed!!! Don’t click on any links which are in the email. You should delete the email straight away and consider running a virus scan of your computer in case the email is infected with a virus.

afp scam

Join the conversation

13
All Comments
  • All Comments
  • Website Comments
LatestOldest

JC said :

MERC600 said :

Well you gotta admit it’s a fairly slick scam.

Can’t they be tracked down by trail the email leaves? Isn’t it called an IP something.

Not that easy actually due to the very open manner in which email can be sent.

Basically an email can be traced from the server to your mail box, but not so easy from the sender to their email server. Reason being the SMTP that a lot of email servers use doesn’t have any authentication nor does it have any ip address logging. And even if they did log IP addresses it would be easy to use an anoynomous VPN service, meaning the mail server if it logged would log the VPN service addess not the actual sender. So scammers and spammers can do it easily, goes to show in many ways what a joke the laws really are, because the ‘baddies’ know how to get around them anyway.

A lot of ISP’s subscribed to black list that ban email from servers that have been identified as being too open, in fact some ISP’s in Australia were on that list many moons, for example Ozemail. So most reputable ISP’s now require authentication before sending, but there are still many many servers out there that don’t. After Ozemail introduced authentication they got taken off the banned list.

Thank you JC .. A few more obstacles in identifying than I knew about. Thanks.

dungfungus said :

Steven Bailey said :

The infringements sent out by the ACT Government are a scam too.

Are you referring to rates notices by another name?
Wait until the “light rail rescue levy” is added.

Good one Dungers

dungfungus said :

Steven Bailey said :

The infringements sent out by the ACT Government are a scam too.

Are you referring to rates notices by another name?
Wait until the “light rail rescue levy” is added.

I’m quite keen to sell-up ASAP before the predictable out-of-control rates charges reduce the value of all our houses.

This light rail will be a liability that will weight very heavily on we rate-payers.

Steven Bailey said :

The infringements sent out by the ACT Government are a scam too.

Are you referring to rates notices by another name?
Wait until the “light rail rescue levy” is added.

HenryBG said :

dungfungus said :

It’s easy to see it is a fraud because the fines for negligent driving in the ACT start at about $250.

Not to mention the absence of driver, licence, or vehicle details, and the 4-years-out-of-date date on it.

I would assume the actual goal of the email is to get you to click on the link, which would be a webpage that exploits some known software vulnerability that drops a bit of software on your PC and sets it run on start-up to lock the PC and display a message to the effect that they will un-lock it for you if you pay $1000.
Ransom-ware, in other words.

The four years out of date on a letter from a government department is not unusual.

Steven Bailey2:16 pm 29 Apr 15

The infringements sent out by the ACT Government are a scam too.

dungfungus said :

It’s easy to see it is a fraud because the fines for negligent driving in the ACT start at about $250.

Not to mention the absence of driver, licence, or vehicle details, and the 4-years-out-of-date date on it.

I would assume the actual goal of the email is to get you to click on the link, which would be a webpage that exploits some known software vulnerability that drops a bit of software on your PC and sets it run on start-up to lock the PC and display a message to the effect that they will un-lock it for you if you pay $1000.
Ransom-ware, in other words.

It’s easy to see it is a fraud because the fines for negligent driving in the ACT start at about $250.

dlenihan said :

I bet the AFP won’t use Meta-data to track down this scam,

Agreed.

The chances that any Australian ISP’s meta-data* can be used to track down this scam is almost certainly nil.

* Assuming here you are referring to the information that is retained and made available to law enforcement under the Data Retention Act – the Act does not, of course, use the words “meta data”.

MERC600 said :

Well you gotta admit it’s a fairly slick scam.

Can’t they be tracked down by trail the email leaves? Isn’t it called an IP something.

Not that easy actually due to the very open manner in which email can be sent.

Basically an email can be traced from the server to your mail box, but not so easy from the sender to their email server. Reason being the SMTP that a lot of email servers use doesn’t have any authentication nor does it have any ip address logging. And even if they did log IP addresses it would be easy to use an anoynomous VPN service, meaning the mail server if it logged would log the VPN service addess not the actual sender. So scammers and spammers can do it easily, goes to show in many ways what a joke the laws really are, because the ‘baddies’ know how to get around them anyway.

A lot of ISP’s subscribed to black list that ban email from servers that have been identified as being too open, in fact some ISP’s in Australia were on that list many moons, for example Ozemail. So most reputable ISP’s now require authentication before sending, but there are still many many servers out there that don’t. After Ozemail introduced authentication they got taken off the banned list.

I bet the AFP won’t use Meta-data to track down this scam, affecting their own name but if you down load last nights episode of Game of Thrones……watch out!

Well you gotta admit it’s a fairly slick scam.

Can’t they be tracked down by trail the email leaves? Isn’t it called an IP something.

I am glad I am not the only one. my delete key came into good use this morning.

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.