
I'm fairly skeptical of these stories, for the simple reason that this seems like far too much effort to go to just to deliver malware. If the scammer were trying to get people to pay the fines, that would make a lot more sense - it'd be over $100 a mark. But commodity malware infections are worth maybe a few dollars per host. Not much to use your clever multi-platform location-collecting scam on.

If these stories are accurate, I suspect the malware being delivered is pretty interesting. I think it's more likely that there's a way simpler explanation, though.

The scammers might just be sending out emails to people that they have an email address and physical address for (which could have come from any of a number of data dumps), with random times and random major streets near the physical addresses. A certain portion of the time, this will just happen to match up closely enough with someone's real driving for them to think it matches their memory. It only takes a few cases to get a police department to take note and then amplify it through local media.



Looking at the linked police statement, it seems likely to be spear phishing targeted at a company in the area.

> A local corporation contacted the police department advising that an employee had received an email


You'd get an infected phone and a linked infected computer. This can bypass 2-factor authentication (e.g. for banking with TAN by SMS).


The primary objective might be to get them to pay the fine. But since they don't have an actual photograph of the license plate, they may have placed malware at the license plate link as a secondary objective?


They say these events are very localised at the moment. Maybe they are targeting/fishing for someone in particular?


That was my thinking as well. It's such a sophisticated application when there are so many easier targets.


Unless it's either (a) a crazy person stalking some specific people he already has some information on, or (b) a campaign against specific people who are targeted for a hack. (I guess in either case the police should be able to connect the dots between them, but to paraphrase that Lebowski movie, I'm sure they're working in shifts.)



