Northern Ireland

Email scam: PSNI issue warning about fraudsters

Woman using laptop Image copyright Getty Images
Image caption The stolen data is used by criminals to make money

The PSNI has issued a warning over an email scam which aims to obtain sensitive data from victims, such as banking details and passwords.

They said fraudsters have been sending phishing emails to addresses in Northern Ireland and have asked people to be "on their guard".

They said the emails contain a malicious computer programme known as a 'Banking Trojan,' in an attachment.

The stolen data is then used by criminals.

Police said the subject line contains the recipient's name and they have revealed what the email looks like.

Sample email


"Hi, [name]!

I am disturbing you for a very serious reason. Although we are not familiar, but I have significant amount of individual info concerning you. The thing is that, most likely mistakenly, the data of your account has been emailed to me.

For instance, your address is: [real home address]

I am a law-abiding citizen, so I decided to personal data may have been hacked. I attached the file - [surname].dot that I received, that you could explore what info has become obtainable for scammers. File password is - 2811

Best Wishes,"


Det Chf Insp Ian Wilson said: "The PSNI has been made aware of this scam by the National Fraud Intelligence Bureau and we want to warn local people to be on their guard.

"The emails include an attachment - a '.dot' file usually titled with the recipient's name. This attachment is thought to contain the Banking Trojan Ursniff/Gozi, hidden within an image in the document.

"The Ursniff Banking Trojan attempts to obtain sensitive data from victims, such as banking credentials and passwords. The data is then sold on by the criminals involved to make money."

The advice to avoid becoming a victim of the scam is:

  • Do not click on links or open any attachments you receive in unsolicited emails or SMS messages: Remember that fraudsters can 'spoof' an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication (you can find out how by searching the internet for relevant advice for your email provider).
  • Do not enable macros in downloads; enabling macros will allow Trojan/malware to be installed onto your device.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It is important that the device you back up to is not connected to your computer as any malware infection could spread to that as well.