The type of malware being downloaded is not known.
The type of malware being downloaded is not known.

New York drivers are being targeted in a phishing scam where an email is received stating they have 48 hours to pay a fine or have their driver's license revoked.

The New York State Department of Motor Vehicles issued an alert on June 1 warning residents about the scam saying the threat is merely bait to entice the victim to click on a “payment” link that will in turn download malware. The state does not know how many people have been affected, but Owen McShane, ‎director of investigations at New York State DMV, said calls came in from New York City, Albany and Syracuse concerning the email.

The malware being dropped came in two categories. The first simply placed a tracking tool on the victim's computer to see what websites were visited; and the second, more nefarious, attempted to acquire a variety of personally identifiable information, such as names, Social Security numbers, date of birth and credit card information, McShane said.

There are several giveaways that indicate the email is a fake. A copy of the email supplied by NY DMV shows the  phishing email contains several punctuation errors, the supplied links lead to sites without an ny.gov URL, tied to the fact that the state would never make such a request.

The phony message from the NYS DMV reads:

Dear Driver:

We are writing to inform you that the state police department has notified us that you have several outstanding traffic violations. If you do not make restitution for these infractions within 48 hours, we will be forced to revoke your driver's license.

To make payment arrangements online, click here.

To refute these tickets, click here.

Sincerely,

The NY DMV

“The Department of Motor Vehicles does not send emails urging motorists to pay traffic tickets within 48 hours or lose your license,” said Terri Egan, DMV deputy executive commissioner, in a statement.

McShane noted that this scam is similar to one that hit the state about 18 months ago. The DMV, he said, is often used as bait in phishing attacks. Most previous attacks only lasted for 24 to 48 hours and this attack seems to have wrapped up too at this point, he added

Source