A wave of spam emails claiming to be traffic infringement notices has been targeting Australians. The email includes links that direct a recipient to a website which attempts to both scam the recipient and infect their computer with malware.

Stay Smart Online is aware of some recipients being infected with ransomware from infringement notice spam. Ransomware such as Cryptolocker is a particularly malicious form of malware which has been distributed by spam targeting Australians in the past. Recent examples include fake emails purportedly from Australia Post and Energy Australia.

Traffic infringement notices have become a common approach used by scammers as they are likely to alarm a recipient into a reactive response to click the link.

If you receive such an email, do not respond or click links. You should evaluate it as spam and delete it.

Current examples of these emails features the subject ‘Infringement notice’ and an ID number. The body states that you have been caught speeding and that you will need to click a link to view the invoice. The emails also contain a link to view the photos of the alleged incident:

Both links will take you to a malicious website which attempts to scam you for your credit card details, as well as download malware to your computer.

Verifying infringement notices

Official traffic infringement notices are sent via post, not email. You can verify infringement notices by contacting the organisation issuing the notice. Phone numbers, links and contact email addresses included in spam messages are likely to be malicious, so use an alternative method to contact the organisation.

If an issuing organisation is not specifically identified in the message (as in the example above) this is an indication of a scam.

Many states also provide methods for viewing information about infringements.

Not all infringement notices will be available on these websites; for instance, council fines may not be shown.