Debt Settlement email scam. How to avoid being fooled?

Written by Robert Bailey

The Debt Settlement scam email is a common callsign for the malevolent email spam you can spectate in your mail client. These emails consist of fake claims about your debt in the certain company. In this email message, you are told that your debt account was settled, or that you have an unsettled debt. As the letter says, more info is available by the hyperlink at the bottom of the email message. This link or file will lead you to the phishing website. You will read the full explanation of this scam, as well as the risks associated with it in this short article.

GridinSoft Anti-Malware Review
It is better to prevent, than repair and repent!
Removing email scam manually may take hours and may damage your PC in the process. I recommend you to download GridinSoft Anti-Malware for threats removal. Allows to complete scan and cure your PC during the trial period.
Gridinsoft Anti-Malware 6-day trial available.
EULA | Privacy Policy | 10% Off Coupon
Subscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.

What is the Debt Settlement email scam?

The name which was attached to this phishing by nervous users does not mean that a person from the company which provided you a loan really contacts you with the information about your debt. The scammers who perform a bank account phishing in such a tactic just took this name to lull the vigilance. Names of different banks or credit organizations are trusted by a lot of people. And at the moment when the user receives this email message, he/she will not even think that this is a phishing1. The chance that a person will follow the link attached to this email is very high.

Debt Settlement email scam message

One of the possible variants of Debt Settlement email scam

The fear is created by the text of the “Debt Settlement email virus” message: it states that your debt is settled, or, what is much worse, have missed the settlement terms. You can check the details on the website, by the attached link. This text can vary depending on the humor of fraudsters. Every little thing looks legit, so the sufferer will likely check the attached file. Fraudsters perform the phishing on the mentioned website, where the “details” are about to be posted. You are offered to log into your account, but you will expectedly see the login error, and the offer to try again later. In fact, this site can only transfer the credentials you typed to the fraudsters’ server.

Subject: Settlement letter

Good Day %username%

Please note this account has been paid up by the debtor.

OPEN PAYMENT(button with a link to a phishing site)

A paid up letter has been requested for ********.

PJB is the most trusted company in integrated power plant business with world class standard. Established in 1995, PJB has more than 20 percent market share in Indonesia. For further information visit : www.ptpjb.com.

This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

How dangerous the Debt Settlement email virus is?

Regardless of the reason the user clicked the link, his credentials from the banking account will be stolen. The malicious website has only 2 pages – pseudo-login window and login error. No malware is used, because user inputs all needed information without any forcing.. No complicated methods, like exploit kit usage – users will do everything themselves.

Here is a short description of Debt Settlement email virus:
NameDebt Settlement email virus
TypeEmail spam
Hazard typePhishing website
Malware sourceMalicious links and files attached to the email
DisguiseNotifications from the bank/credit company
Protection methods
To remove possible virus infections, try to scan your PC

This scheme is used to distribute spyware, banking trojans and keyloggers. All of them are targeted on your sensitive data, in the majority of cases – on the important logging keys. The second possible virus can be the most critical one if you make use of online banking. It is aimed on gathering the logging keys on the web pages of the banks, so it can easily steal your login/password. So, the fraudsters will be free to do whatever they intend with your equity2. At the same time, spyware can ignore your banking logins and passwords, but will surely dig out all possible data about you and your PC. List of the installed programs, often-used applications, antivirus software onboard, logins and passwords for the social networks – this and a lot of other information will be collected and sent to the control server.

Can I avoid this scam?

The things are not so hopeless for the Debt Settlement email virus. It is quite easy to differentiate the fake email. First, you need to remember if you have a Debt Settlement email saving or deposit account. It can be very comical to spectate this kind of email spam when you don’t have one. However, some users can open the added file/link just because of the simple inquisitiveness. People can do spontaneous acts, and this is just such a case. Another item that can help you to recognize that somebody tries to scam you is the sender’s email address. Official email addresses of banks has a special domain name, and the crooks will not be able to get an email address in this domain. Instead, spammers will likely create an email address like “noreply-support12961@gmail.com” or even “uasfbp02309@aol.com”. It is quite easy to differentiate the first one from the second and third, isn’t it?

 Debt Settlement email email scam

The example of dubious email address on another online spamming campaign

The final defence level is an security tool. A lot of users have their email chats in the separated program, called mail client. Some of that clients download the document at the moment when you check the message. In this case, you must have an anti-malware solution that is capable of on-run protection. Last option makes it possible to block the virus launching when the situation is similar to one I have described in this paragraph. Same thing is with added links: to discover that these links are malevolent, the security tool must have an internet protection ability. All of these functions are available in GridinSoft Anti-Malware, and I will recommend you to use it to protect your computer from Debt Settlement email virus and similar hazards.

What can I do if I have clicked on the link/file in the spam message?

Don’t panic. The spyware activity is not a doom. Of course, the important information you have on your computer is definitely in danger, but the logging keys can easily be changed. First of all, you need to erase the viruses you have got because of the Debt Settlement email virus. I can offer you to make use of GridinSoft Anti-Malware to perform this step.

Removing the viruses with GridinSoft Anti-Malware

  • Download and install GridinSoft Anti-Malware. After the installation, you will be offered to perform the Standard Scan. Approve this action.
  • Gridinsoft Anti-Malware during the scan process

  • Standard scan checks the logical disk where the system files are stored, together with the files of programs you have already installed. The scan lasts up to 6 minutes.
  • GridinSoft Anti-Malware scan results

  • When the scan is over, you may choose the action for each detected virus. For all files of the viruses distributed through the described phishing the default option is “Delete”. Press “Apply” to finish the malware removal.
  • GridinSoft Anti-Malware - After Cleaning

Now, when the virus is removed, you need to remember which credentials you inputted after clicking the spam message. Malware is not omnipotent, and is not able to steal the logins and passwords which were not in use. So, keep calm and change the login details that are about to be compromised.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

References

  1. About phishing methods and ways of counteraction.
  2. Detailed description of the banking trojans on Investopedia

About the author

Robert Bailey

I'm Robert Bailey, a passionate Security Engineer with a deep fascination for all things related to malware, reverse engineering, and white hat ethical hacking.

As a white hat hacker, I firmly believe in the power of ethical hacking to bolster security measures. By identifying vulnerabilities and providing solutions, I contribute to the proactive defense of digital infrastructures.

Leave a Reply

Sending