FBI Warns of Email Scam
Back on February 4th I read this article over at Dark Reading:
FBI identifies recurring fraudulent email scam
FEBRUARY 4, 2008 | WASHINGTON -- The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.
Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).
The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.
...article continues at Dark Reading.
If you'd like to learn more about this issue or if you have received a fraudulent-mail you can go to the Internet Crime Complaint Center (IC3). There you'll find links to information, samples of 'spoofed' emails, and a link to report/file a complaint.
Here's a clip from the site:
Welcome to IC3
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).
IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >>
At the bottom of that page there is a link to "DOJ Spoof E-mail" which is a press release from last summer. Here it is in it's entirety:
FOR IMMEDIATE RELEASE
WEDNESDAY, JUNE 27, 2007
CRM
(202) 514-2008 TDD (202 514 - 1888)
JUSTICE DEPARTMENT ALERTS PUBLIC ABOUT FRAUDULENT SPAM EMAIL
THESE EMAIL MESSAGES ARE A HOAX. DO NOT RESPOND.
The Department of Justice did not send these unsolicited email messages — and would not send such messages to the public via email. Similar hoaxes have been recently perpetrated in the names of various governmental entities, including the Federal Bureau of Investigation, the Federal Trade Commission, and the Internal Revenue Service. Email users should be especially wary of unsolicited warning messages that purport to come from U.S. governmental agencies directing them to click on file attachments or to provide sensitive personal information.
These spam email messages are bogus and should be immediately deleted. Computers may be put at risk simply by an attempt to examine these messages for signs of fraud. It is possible that by "double-clicking" on attachments to these messages, recipients will cause malicious software – e.g., viruses, keystroke loggers, or other Trojan horse programs – to be launched on their computers.
Do not open any attachment to such messages. Delete the e-mail. Empty the deleted items folder.
If you have received this, or a similar hoax, please file a complaint at www.ic3.gov. Within the complaint, please list "DOJ Spoof Email" in the "Business Name" field of the complaint, where complainants are directed to place the name of the business which has victimized them, as this will allow the IC3 to easily retrieve and process these complaints.
Consumers can learn more about protecting themselves from malicious spyware and bogus e-mails at OnGuardOnline.gov, a Web site created by the Department of Justice in partnership with other federal agencies and the technology industry to help consumers stay safe online. The site features modules on spyware and phishing, at http://onguardonline.gov/spyware.html and http://onguardonline.gov/phishing.html.
Consumers can also obtain information on Internet safety at
