Fake Verizon Wireless Bill Notification Emails Lead to Malware

Verizon-Wireless-Sign-Fake-BillCareful when clicking links within Verizon bill notification emails.

Cybercrooks are spamming out emails that closely resemble the emails Verizon sends to their customers to let them know that their cellphone bill is ready to view online.

This particular spam campaign poses a high risk since the balance displayed to the user is likely far more than they’re accustomed to, which may drive recipients to click links within the emails without a second thought.

Screenshot Credit: Barracuda Labs

And considering all of the embedded links point to a malicious non-Verizon website hosting the Blackhole exploit kit, that can quickly turn into a costly mistake as malware will be installed on any vulnerable computers that visit the site.

According to Barracuda Labs, the malware delivered is none other than the infamous ZeuS/Zbot, which is known for its effective ability to steal online banking credentials and upload them to a remote server controlled by the attackers.

How to Spot the Fake Verizon Wireless Bill Notifications

Although the cybercrooks behind this spam campaign have done a fairly good job copying the layout of the Verizon bill notification emails, there still are a few ways to tell them apart:

  • In legitimate Verizon Wireless bill notification emails, the first line of the email will read, “Your current bill for your account ending in XXXX-XXXXX is now available online in My Verizon.” Meanwhile, the fake emails will simply say, “Your current bill for your account is now available online in My Verizon.”
  • The balance due will differ greatly from what you typically pay. So if you usually pay $100/month and suddenly receive an email saying you owe $500, yet you haven’t done anything different during the billing cycle to warrant such charges, then something is up – and the problem may not necessarily be with your account, but the email you’re looking at.
  • By hovering over the links, you notice that they point to a third-party website that obviously doesn’t belong to Verizon Wireless. The links in the spam message received by Barracuda Labs was “hxxp://trauma.co.id/XXXXXX/index.html” – which is clearly not affiliated with Verizon Wireless. It is important to note that it’s likely multiple URLs are being used.

As a rule of thumb, it’s always best to just type the URL of the website you wish to visit directly into your browser’s address bar instead of clicking links provided within emails.

What to Do With Fake Verizon Wireless Bill Notifications

Did you also receive one of these fake Verizon bill notices? We suggest that you:

  • Avoid clicking on any of the embedded links.
  • Forward the email to phishing@verizonwireless.com.
  • Delete the email.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

This entry was posted in Computer Security, malware, spam and tagged , , , , , .
Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.
  • Kevin King-Templeton

    Hey would you mind stating which blog platform you’re using? I’m going to start
    my own blog soon but I’m having a hard time choosing between BlogEngine/Wordpress/B2evolution and Drupal. The reason I ask is because your layout seems different then most blogs and I’m looking for something unique.

    P.S Sorry for being off-topic but I had to ask!

    • Hyphenet

      We are using WordPress. There are a lot of perks and down downfalls to it though. There are lots of great plugins that you can install that can be extremely time saving. The downfall is sometimes those plug-ins break and going back to figure out what the problem is can be a challenge. I’ve heard Drupal is good but I’ve not familiar with BlogEngine or B2evolution. Good luck!

  • guest

    I got this email as well. Fortunately my JAVA was not updated to the latest version, and due to some hitch in my net connection the new version never got downloaded. So even after clicking the link the page never got opened. I think I am safe. A close shave, I must say.

  • Muse

    Yup, my coworker just got this on our company email and clicked on the link but knew right away to close it once he noticed it really wasn’t Verizon so it didn’t have time to load.  I told him it was fake because of no account or phone number listed plus no one here has Verizon. 

  • Palinafrazie

    Called Verizon to notify them of this …appeared not aware of the email.  This is a huge company, how can they not be aware of this?  We do not have an account with them, they wanted our information so they won’t solicit us…um…they weren’t to begin with.  This was their “fix”.  Sending this email onto the Attorney General instead. 

  • Lavinia

    Clicking on this link has cost me $200 to get my c drive back.  I hope they rot in hell.

    • Marquisa Kirkland

      Oh no! Sorry to hear that your PC was compromised by this spam attack. :(

  • dp

    I just got this today and got tricked. Scanning my computer now

    • Marquisa Kirkland

      Hopefully your antivirus is able to detect and remove the malware!

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5