Accrington Web - Not seen this email malware before

Quote:

Originally Posted by Michael1954 (Post 1143431)

It looks genuine, so if phony, it's very clever and convincing. Rohan Gye is the DVLA's Service Manager.

How did you find out it has malware?

[answered below]

Quote:

Originally Posted by Gremlin (Post 1143432)

DVLA don't email you, they send letters.
Not everybody has email.

...except to people who have signed up for online services

Quote:

Originally Posted by Gremlin (Post 1143432)

Press delete and forget.

...or publicise, then delete. Not everybody can spot a scam.

Quote:

Originally Posted by Gordon Booth (Post 1143434)

Does just opening it let the malware in or do you have to open some attachment?
And yes, how did you catch on? I wouldn't have.

I knew it was a scam because I don't do my online DVLA transactions from the email account that they targeted.

To spot a scam, look at the email for bad spelling and the name of the addressee. Something full of errors and with the salutation "Dear Studio" is going to ring alarms for me. I've read that the inclusion of spelling and grammar errors is deliberate. The scammer doesn't want reasonably well educated people with a flair for attention to detail from clicking their links. They want the people who are naive enough to be frightened by the email.

Malware via email is either included in attached files or by links to infected websites.
The attached file is usually a ZIP, PDF, EXE or DOC file. There are older formats such as SCR. The golden rule with email attachements is that you don't open them unless you know the person or organisation who is sending the email and you have been told already to expect the email.
With web links, always look at the status bar before you actually click the mouse. You will be given a preview of which site you will be taken to.

Malware changes your computer for a number of nefarious reasons. The sender may just be trying to show how clever they are, they might be using your computer as part of a network for their own ends, such as overwhelming a large organisation with internet requests. They might want to obtain money from you by ransoming your files, or just damage your data because they are mentally unhinged.

It's not just malware you need to worry about. Obtaining your personal details by deception ("phishing") is of greater concern, because it's not often picked up by antivirus software. This is often done with links to dubious websites, as above. This is almost always for financial gain. The hacked website that you're sent to has pages designed to look like the site you were expecting to visit. You enter your details which are captured by the scammer, and they can then empty your account.

Bear in mind that these scams prey directly on human nature and are often defeated by a bit of common sense. If you're the sort of person that fires up the paper shredder if you receive something through the letterbox telling you you've won either £10,000, a yacht, a new car or a pen; then you're probably going to be OK. If in doubt, create a Gmail account and forward the worrying email to that address. Google's antivirus is pretty good at picking up on scams.

10 tips for spotting a phishing email - TechRepublic