E-Mail Virus Spreads Using FBI Cover
Virus writers are thumbing their nose at law enforcement with a brazen act of social engineering that threatens to infect Internet users with the worm Sober-K.
A virus-laden e-mail disguised as a notice from the Federal Bureau of Investigation tells recipients that they have visited an "illegal Web site" and being monitored by the agency's Internet Fraud Complaint Center (IFCC). The recipients are then instructed to begin a questionnaire, which contains the viral payload.
In response, the FBI advised users not to open unsolicited e-mail and is directing those who are targeted by the scam to file incidents reports with the actual IFCC.
"These emails did not come from the FBI. Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited emails to the public in this manner," the FBI said in a public statement.
The agency also offered a word of warning, "Opening e-mail attachments from an unknown sender is a risky and dangerous endeavor as such attachments frequently contain viruses that can infect the recipient's computer. The FBI strongly encourages computer users not to open such attachments."
The scam attempts to elicit trust by spoofing a @fbi.gov e-mail address.
In review of the scam Jupiter Research senior analyst Joe Wilcox quipped, "I have to wonder who would open the attachment. Would any person fearful they had been to 'illegal Web sites' really want to answer a questionnaire potentially admitting crime to the FBI?"
The FBI encourages users who encounter the e-mails to fill out an incident report.