Cancer scare hoax email hits thousands
Sick message could plant virus on computer instead


Thousands of email users have been sent a hoax message telling them they have cancer, the National Institute for Health and Care Excellence (NICE) has warned. The email marks a new low in spammers' tactics.
The email with the header "important blood analysis result", tells people that NICE has been sent a sample of their blood for further research.
The health watchdog said the contents of the email are likely to be distressing and have reported the incident to the police. Since the outbreak of the email hoax, NICE has been deluged by calls from worried individuals over the email.
The scam email, with the subject line "Important blood analysis result" tells recipients that NICE has been sent a sample of the recipient's blood for analysis.
"During the complete blood count (CBC) we have revealed that white blood cells is very low, and unfortunately we have a suspicion of a cancer," the sick message reads.
The message then asks the user to open an attachment claiming to be the test results. However, asking users to download and open attachments is a common way for for cybercriminals to plant viruses and malware on a victim's computer.
Sir Andrew Dillon, NICE Chief Executive: "A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"This email is likely to cause distress to recipients since it advises that test results' indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police."
NICE advised people who receive the email to immediately delete it without opening in and not to click on any links within the email either.
UPDATE: Email verified as containing Zeus malware
An IT security firm had confirmed that the scam email purporting to be from Nice actually harbours the Zeus malware.
Fred Touchette, senior security analyst for AppRiver said that the attachment is a malicious zip file.
"If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen," said Touchette.
"What they won't see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger."
Touchette said that the malware also makes several duplicate instances of itself just in case someone was attempting to shut down the original process.
"Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400."
He added that this is all very common behaviour for the Zeus family of malware which is still very common in today's attacks.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
-
Cleo attack victim list grows as Hertz confirms customer data stolen
News Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
By Ross Kelly
-
Lateral moves in tech: Why leaders should support employee mobility
In-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
By Keri Allan
-
Busting nine myths about file-based threats
Whitepaper Distinguish the difference between fact and fiction when it comes to preventing file-based threats
By ITPro
-
The state of email security 2023
Whitepaper Cyber risk commands the C-Suite's focus
By ITPro
-
Microsoft 365 business users targeted with new DocuSign phishing scam
News Threat actors are using fake login forms to trick users into changing their payment details
By Daniel Todd
-
Blockchain-based Gmail plugin lets users keep control over email attachments after they're sent
News Document GPS email extension for Google Workspace considered world's first Gmail tokenization tool
By Daniel Todd
-
Almost a quarter of all spam emails were sent from Russia in 2021
News Last year's spam emails mostly centred around money and investment, Bond and Spider-Man movie premieres, and the pandemic
By Sabina Weston
-
Education and government most at risk from email threats
News New report finds phishing remains most dominant threat to IT security
By Rene Millman
-
Hackers use SquirrelWaffle malware to hack Exchange servers in new campaign
News Researchers discovered malicious emails being sent as replies to existing email chains
By Rene Millman
-
Proofpoint impersonator steal Microsoft, Google logins in phishing campaign
News Clever hackers dodged Microsoft security by pretending to be a cyber security firm
By Rene Millman