Western Union Latest Company to Be Exploited By Scammers

A new wave of malicious spam hitting inboxes uses Western Union’s Money Transfer Service in its attempt to trick recipients into downloading its payload. The spam messages carry the subject line “Western Union Transfer MTCN:” and a random number.

The message says a large sum of money transferred on March 10 was never collected and directs them to open the attached zip file and print out the invoice in it, then take it to their local WU office to get the money. The attachment is actually a Trojan. In an effort to make the message seem legit, the scammers even added language at the end of it that claims it was scanned by the recipient’s ISP and found to be “safe”.

The Trojan,Troj/Agent-JUC, appears to be a rootkit that disables firewalls and steals banking information. It also installs other malware including a keylogger program, takes screenshots, and provides backdoor access to the systems it infects.

Despite how nasty the payload sounds and how legit the scammers behind it may have tried to make the spam delivering it sound, common sense should prevail here. If you haven’t sent any money via WU, ignore this message, and if you have, they’ll generally call you, not send an email, and as always, be very wary of any attachments you receive via email from people you don’t know.

It’s believed the scammers behind this latest attack are trying to take advantage of the shaky economic times, figuring there are enough people desperate enough to let their greed over potential free money override their common sense. Don’t fall for it!