Cybercriminals are attempting to infect people with bank data stealing Ramnit malware by using phishing emails pretending to come from a charity.
Migrant Help is a real British charity which offers support to distressed migrants arriving in the UK, but hackers are using its name in an effort to infect victims with the Ramnit banking Trojan, Action Fraud, the UK's fraud and cybercrime centre has warned.
A phishing email with the subject 'Thank you for choosing to donate to Migrant helpline' is sent to the potential victim, claiming that they recently donated money to the charity.
The emails contain a fake receipt for which, as noted by My Online Security, lists the first name and second name of target as well as their actual phone number. It is not clear how the scammers obtained this information, but using the target's real name and phone number makes the email make look more authentic.
The message contains a reference number and invites those with questions about their donation - which victims are likely to have if they've never given to Migrant Help - to click on a link which has been customised to contain the target's name, in order to download a document supposedly containing more information.
Those who click on the link are taken to an online Word document which downloads the Ramnit payload onto the victim's machine.
First appearing appeared in 2010 in the form of a self-replicating computer worm, Ramnit has evolved to become much more dangerous, reaching the point where those behind it have developed it into a banking Trojan, designed to steal bank customer login credentials for theft and fraud.