Spam Mail Purporting to be from FTC Delivers Trojan

A vicious electronic mail is doing the rounds, posing as a message from the U.S. FTC, while infecting PCs with malware. Reports have been coming to the agency complaining about the malware attack, published Mashable dated September 1, 2011.

Using the header "URGENT: Pending Consumer Complaint!" the e-mail addressing businessmen tells the reader that there's a complaint from a buyer against his firm that the firm attempted at cheating the person. The reader can read the complaint's entire text given as a PDF document from the FTC site via accessing a given web-link, the e-mail message concludes.

But, anyone following this web-link is requested for dialing a FTC helpline, utilizing an online form that's safe for making a complaint alternatively, writing an e-mail to FTC filing the complaint. There's a chance that individuals concerned of a supposed fraudulent operation in their businesses will answer the spam mail.

Moreover, there's the original FTC logo in the e-mails to lend them an element of genuineness.

Director David Torok of the Bureau of Consumer Protection of FTC said that if an attachment included in the e-mail was opened, a malware got installed which began stealing the infected user's identifying credentials. SCMagazineUS.com reported this on September 2, 2011. The malware was one keylogging Trojan, which tried capturing the victim's username and password, Torok explained.

According to him, one businessman also told that soon as he clicked the web-link, his PC froze, which wasn't a favorable indication.

Furthermore, FTC stated that the spam mail had plenty of grammatical, spelling and syntax mistakes that were the usual signs of a fake electronic message.

Meanwhile as per security researchers, if end-users run an AV solution that's up-to-date then they shouldn't have a problem. Besides, they should seek to recognize the typical hints that mark the electronic mail as fraudulent.

The researchers also stated that federal agencies normally never got in touch with firms in the said fashion over e-mails; therefore, recipients of such e-mails must delete the messages entirely.

Notably, FTC in its security advisory warned that the electronic mail in question was a scam, hence receivers mustn't open it.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 9/12/2011