Virus-laden E-mails Masquerade as Official FTC E-mails
The Federal Trade Commission (US), that pursues spammers frequently for unlawful activities, on October 29, 2007, cautioned that a spammer is transmitting fake e-mail communiqués that claims to have originated from the FTC.
The message contains links and an attachment which when clicked open begins to download a virus. Just like any other dubious e-mail, the receivers are cautioned not to open any links or attachments inside the message.
The e-mail seems to have originated from email@example.com, a fake address, and the malevolent attachment within this message downloads keystroke-logging program, which is employed with the sole intention of heisting confidential details like passwords and other banking details.
Just opening the message does not seem to cause any damage. But it is quite possible that anybody unlocking the e-mail's attachment or clicking open the links downloads the bug on to his or her PC, and thus is advised to execute an anti-virus application.
Although the e-mail contains the FTC stamp, it contains grammatical mistakes, misspellings, and wrong syntax, stated the FTC in a warning issued on October 29, 2007. Receivers of such messages should send their e-mails to firstname.lastname@example.org and then remove it completely. Electronic mails transmitted to the uce.gov address are forwarded to the FTC's spam folder, which is later on utilized by researchers.
Internet fraudsters frequently pose as government authorities like the Internal Revenue Service to deceive innocent people into opening the attachments or visiting the malevolent sites.
In October last week, SophosLabs disclosed that the US alone accounted for 28.4% of spam worldwide, fives times greater than the second largest spam conveying nation, South Korea with 5.2% spam. In this case, mostly zombie PCs transmit spam at the command of a far-flung spammer, who may or may not be present in the same nation.
Informationweek on October 29, 2007 reported the statement of Sophos' Senior Security Consultant, Carole Theriault, that the problem can be reduced only if the US agencies invests more in educating people about the threats, while assuring the immediate detection of infected computers by increasing the monitoring activities of the Internet Service Providers (ISPs).
Related article: Virus Infects Through USB Drives
» SPAMfighter News - 15-11-2007