Malware attack disguised as email about blocked credit card

Cybercriminals have spammed out emails which claim to be a warning that your credit card has been blocked, but in reality contain a malicious attachment designed to infect your computer.

Be on your guard if you receive an unexpected email claiming that your credit card is blocked.

The dangerous emails use subject lines including

Sign up to our free newsletter.
Security news, advice, and tips.

Your credit card is blocked


Your credit card has been blocked

A typical email looks like the following:


Dear Customer,
Your credit card is blocked!

Your credit card was withdrawn $ XXXX,XX
Possibly illegal operation!

More information in the attached file.

Immediately contact your bank .

Best regards, Customer Services.

Here’s another version:


Dear User,
Your credit card is blocked!

With your credit card was removed $ XXXX,XX

Possibly illegal operation!
More details in the attached file.

Instantly contact your bank .

Best Wishes, MASTERCARD Customer Services.

Note that although the examples above refer to MasterCard, there are other versions which reference Visa, for instance.

The filenames and sums of money mentioned can vary from email to email, as does the wording in the message body. Presumably this was done by the cybercriminals in an attempt to avoid detection by security products.

Fortunately, the bad guys haven’t succeeded – at least as far as Sophos is concerned.

Sophos products intercept the malicious emails and the attachment as Mal/RarMal-C and Troj/Bredo-IZ, protecting your Windows computer from infection.

If you receive an email claiming that your credit card has been blocked – treat it with suspicion.

If you’re concerned that the email might be true, contact your bank directly (ensuring that you use a trusted point of contact – rather than believe the phone number or website offered to you by a spammed-out email!)

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.