These emails have been ramping up over the past few months. Many appear to be coming from lawyer domains.

You may have received what appeared to be a Notice to appear – you may also have seen

MIMEDEFANG warning An attachment named (name of file) was removed from this document as it
constituted a security hazard.

Our mail system uses MIMEDefang to remove potentially dangerous files from incoming email.

The email message below, “Notice to appear in court”, is a fake and contains a malicious attachment that will infect your computer with a virus or Trojan horse if you open it. The message attempts to trick recipients into believing that they are scheduled to appear in the court of London on January 31, 2014, and that they should open the attachment to view the court notice.
The Malicious Email Message: Notice to appear in court

Subject: Notice to appear in court RU#2071

Notice to Appear,

Hereby you are notified that you have been scheduled to appear for your hearing that will take place in the court of London in January 31, 2014 at 10:00 am.

Please bring all documents and witnesses relating to this case with you to Court on your hearing date.

The copy of the court notice is attached to this letter.

Please, read it thoroughly.

Note: If you do not attend the hearing the judge may hear the case in your absence.

Yours truly,
Clerk to the Court.

This malicious email message has an attachment called something like, which contains the malicious Trojan horse file Court_Notice_29012014.exe. Attempts to open this file will infect your computer with a Trojan horse or virus.

When we scanned the file Court_Notice_29012014.exe, the following threats were detected:

  • TR/Gamarue.A.177
  • Packed.Win32.Katusha.3!O
  • W32/Trojan.ZPAE-5557
  • Win32/TrojanDownloader.Wauchos.X
  • F-Secure Trojan:W32/Agent.DURR
  • Trojan.Inject
  • Backdoor.Win32.Androm.bmls
  • Backdoor.Bot
  • Troj/FakeAV-HAU
  • Backdoor.Trojan

If a computer becomes infected with this malicious Trojan horse, the sender behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

Never open an attachment that has a name ending with “.exe”, because these are computer programs that can infect your computer with a virus or some other malware.
This is the reason we do not files as attachments on our mail servers – senders could send .exe files within them.
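
One way to implement the check described above: flag attachments whose name ends in .exe, and .exe files carried inside a ZIP attachment. This is an added example in Python, not MIMEDefang's code or this mail system's filter; the extension list, the function names and the sample message (including the archive name notice.zip and its placeholder payload) are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed, non-exhaustive policy list of executable extensions.
BLOCKED_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")


def is_blocked(name):
    """True when a file name ends with a blocked extension (case-insensitive)."""
    return name.lower().rstrip(". ").endswith(BLOCKED_EXT)


def dangerous_attachments(raw_message):
    """Return (attachment name, offending file name) pairs for one raw message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if is_blocked(name):
            hits.append((name, name))
        # Test the content, not the name: an archive can carry any extension.
        if zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                hits += [(name, m) for m in archive.namelist() if is_blocked(m)]
    return hits


def build_sample():
    """Constructed sample message; the payload is harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Court_Notice_29012014.exe", b"constructed placeholder")
    msg = EmailMessage()
    msg["Subject"] = "Notice to appear in court RU#2071"
    msg.set_content("The copy of the court notice is attached to this letter.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="notice.zip")  # archive name is constructed
    msg.add_attachment("agenda", filename="agenda.txt")  # benign control
    return msg.as_bytes()


if __name__ == "__main__":
    for attachment, member in dangerous_attachments(build_sample()):
        print(f"strip {attachment}: contains {member}")
```

The check looks one level deep into ZIP files only; nested archives and other archive formats need their own handling.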