'Salvation Army' Email Scam

350 Million Exposed Email Addresses

There is a recent scam that is making the rounds, attempting to phish out victim information by abusing the name and logo of the Salvation Army and impersonating the legitimate protestant organization that does charitable work.

Of course, the scam email has nothing to do with the real Salvation Army. Instead, the criminals behind the campaign simply stole the logo image of the Salvation Army and sent out mass spam emails pretending to originate from the real organization.

The scam uses simple social engineering tricks, trying to create interest and a sense of urgency in the victim and get them to click on a malicious attachment. The email has a subject line that reads "Outstanding Invoices". The body simply asks the victim to "find proof of payment for the attached invoices".

The email comes with an attached .html file - a very unusual format for sending an invoice by any measure. The filename is random but would follow the format "payment_[4-digit number].html".

The HTML file opens up a fake login page, styled to look like a Microsoft Office 365 login page and asks victims for a lot of personal information, including phone numbers, Skype handles, and passwords, all made to look like a requirement to access the fake invoice. Of course, entering this information will only send it to the people running the scam, so they can abuse and re-sell it in any way they want.

May 10, 2022