B2B Marketers » Reach Pre-Qualified IT Decision Makers with a Custom Lead Gen Program » Get Details
Welcome Guest | Sign In
NICE inContact February 12 webinar

Malicious Code Authors Spoof FBI

By Jennifer LeClaire
Feb 23, 2005 11:27 AM PT

The U.S. Federal Bureau of Investigation today warned the public to avoid falling victim to an ongoing mass e-mail scheme wherein computer users receive unsolicited e-mails purportedly sent by the FBI.

Malicious Code Authors Spoof FBI

"These e-mails did not come from the FBI. Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited e-mails to the public in this manner," said the agency in a statement.

Dangerous Attachments

These scam e-mails tell the recipients that their Internet use has been monitored by the FBI's Internet Fraud Complaint Center and that they have accessed illegal Web sites. The e-mails then direct recipients to open an attachment and answer questions. The attachments contain a computer virus.

"Opening e-mail attachments from an unknown sender is a risky and dangerous endeavor as such attachments frequently contain viruses that can infect the recipient's computer. The FBI strongly encourages computer users not to open such attachments," the agency said in a statement.

Social Engineering

Ken Dunham, the director of malicious code research at iDefense, a Reston, Va.-based threat intelligence firm, told TechNewsWorld that the FBI scam is just another tactic designed to get Internet users to execute malicious code.

"What we've found is social engineering and user interaction-based malicious codes have had great success," Dunham said. "The more authoritative the e-mail sounds or the more realistic it appears, the more likely it is that the attachment will be executed."

Education Needed

Although public awareness tends to make user-interaction worms less successful than automated ones, Dunham said plenty of people are still falling prey to them. Part of the problem, he said, is the popularity of file sharing, but the larger problem is simple ignorance.

"Everybody should that executable files are potentially dangerous and commonly harbor malicous code," Dunham said. "Yet everybody is not aware of this. Some corporate users will use their desktops to check a personal Web mail account that is not strictly monitored or controlled and viruses can come into the corporation that way. Internet users need to be aware of basic security practices."

The FBI said it is taking this matter seriously and is investigating. The agency encourages users receiving e-mails of this nature to report it to the Internet Crime Complaint Center.

NICE inContact February 12 webinar
How do you feel about government regulation of the U.S. tech industry?
Big tech companies are abusing their monopoly power and must be reined in.
Stronger regulations to protect consumer data definitely are needed.
Regulations stifle innovation and should be kept to the barest minimum.
Over-regulation could give China and other nations an unfair advantage.
Outdated antitrust laws should be updated prior to serious regulatory efforts.
Tech companies should regulate themselves to avoid government intervention.
NICE inContact February 12 webinar