ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

‘Migrant Helpline’ phishing emails lead to Ramnit malware

Fraudsters are sending out a high number of phishing emails purporting to be from the charity ‘Migrant Helpline’ that lead to Ramnit – a type of banking malware.

Malware alert

The email address sending the majority of emails is [email protected], however multiple email addresses have been seen. Although Migrant Helpline is a genuine charity, fraudsters are using it to trick members of the public into becoming victims of this fraud. 

It should be noted that this fraud is in no way related to the real charity. The subject line currently is ‘Thank you for choosing to donate to Migrant helpline’

The message body reads as the following:

Thanks again for donating

We're sending it straight to Migrant Helpline so you'll be making a difference very soon. 
Your donation details: 
First name: ****
Last name: **** 
Tel. *********
Amount: £196 
Donation Reference: 09493495 

If you have any questions about your donation, please follow this link and download Your (Donation Reference 09493495), with the transaction details listed above. 
With your help, YeshivaDonations can continue to work in Syria and neighbouring countries to deliver clean water and life-saving supplies to millions of people.

Your generosity is bringing much-needed assistance to families who have lost everything as a result of the crisis in Syria. 

Warm regards,
YeshivaDonation

Emails use real contact information

The first name, last name and telephone number are targeted and appear to be correct for those they are sent to. 

Once the link is clicked, a well known Trojan (Ramnit) is downloaded onto the victim’s device. This malware is equipped to target and steal personal and corporate banking details.

Having up-to-date virus protection is essential; however it will not always prevent your device(s) from becoming infected. 

Please consider the following actions:    

  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication. 
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to is not left connected to your computer as any malware infection could spread to that as well.
  • If you think your bank details have been compromised, you should contact your bank immediately.

Sign up for free to Action Fraud Alert to receive direct, verified, accurate information about scams and fraud in your area by email, recorded voice and text message.

Most shared articles

Related articles