DHS Officials Alerted of E-mails Spoofing the Department & Installing Spyware

According to the news from Associated Press published on August 24, 2009, the US Homeland Security officials are cautioning about e-mails that are deceptively posing as messages from the intelligence division of the Department.

Intelligence reports state that while the e-mails are crafted in such a way as they contain text from the department's intelligence, they in fact contain web-links that are loaded with malware.

The reports suggest that these malware include spyware that typically steal protected passwords and banking information.

Furthermore, the alert indicates that the spyware turned out to be offensive. However, officials of counterintelligence cannot overrule the possibility that there were other reasons to target the personnel of DOD (Department of Defense) and the partners of DHS (Department of Homeland Security).

Amy Kudwa, Homeland Security Spokeswoman, said that if anyone got such an e-mail, he should inform about it to his technology department without clicking on the link, as reported by Msnbc.msn on August 24, 2009. Kudwa further said that all members receiving such e-mails should forward them to the Department so that a probe could be conducted, which could assist the investigators in catching the spammers as well as thwarting the ongoing phishing scheme.

More news reports indicate that DHS has been informed about the e-mails that first started coming up in June 2009.

Some other investigative reports reveal that the phishing e-mails in reality emanated from IP addresses hosted in Russia and Latvia. This means that the spammers hid themselves behind the DHS' legitimate website and dispatched spoofed, unsolicited e-mails to unwitting recipients who opened the messages without suspecting their originality. As a result, users' PCs that downloaded malware were taken over by the criminals.

Cyber Chief, Department of Homeland Security, Greg Schaffer, said that there was a significant growth in sophisticated cyber attacks. These attacks were harder to identity, as reported by Nextgov on August 25, 2009. Such attacks were limited, less speedy and launched not to draw attention, but to treacherously gain access to resources and data, said Schaffer.

Related article: Dixie College Suffers Data Hack

» SPAMfighter News - 9/9/2009