-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Alert SA07-303A
Federal Trade Commission Reports Spoofed Email
Original release date: October 30, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Any computer system can be affected when a person is a victim of
social engineering, such as what can occur when malicious code is
inadvertently downloaded from an attachment in a spoofed email.
Overview
The Federal Trade Commission (FTC) is reporting that spoofed email
messages that appear to come from the FTC contain malicious
attachments. If you open one of these attachments you may infect your
computer with a keystroke logger or other malicious code.
Solution
Be suspicious
Exercise caution when opening email messages and attachments. In this
case, the FTC describes the spoofed email as follows:
The spoof email includes a phony sender's address, making it appear
the email is from "frauddep@ftc.gov" and also spoofs the
return-path and reply-to fields to hide the email's true origin.
While the email includes the FTC seal, it has grammatical errors,
misspellings, and incorrect syntax.
Attackers often construct email messages and web sites to imitate
legitimate organizations in order to more effectively convince you to
open and execute malicious attachments or click on malicious links.
See the Avoiding Social Engineering and Phishing Cyber Security Tip in
the references section for more information.
Install and update anti-virus software
Updated anti-virus software can protect you from malicious code. For
more information, please see Cyber Security Tip ST04-005 and ST05-006.
Description
This spoofed email activity relies on social engineering techniques to
convince you to open and run a malicious attachment. There is no
software vulnerability involved and there is no software update to
protect against this type of activity. For more information please see
the FTC report.
References
* Cyber Security Tip ST04-014 - Avoiding Social Engineering and
Phishing Attacks http://www.us-cert.gov/cas/tips/ST04-014.html
* Cyber Security Tip ST04-010 - Using Caution with Email Attachments
http://www.us-cert.gov/cas/tips/ST04-010.html
* Cyber Security Tip ST04-005 - Understanding Anti-Virus Software
http://www.us-cert.gov/cas/tips/ST04-005.html
* Cyber Security Tip ST05-006 - Recovering from Viruses, Worms, and
Trojan Horses http://www.us-cert.gov/cas/tips/ST04-006.html
* Trends in Badware 2007
http://www.stopbadware.org/home/consumerreport
* Don't Open Bogus Email that Comes from the FTC
http://www.ftc.gov/opa/2007/10/bogus.shtm
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA07-303A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "SA07-303A Feedback INFO#23" in the
subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
October 30, 2007: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRye7OfRFkHkM87XOAQIJ/wf/adM6xCzd0GBmHl0xCAUss2TbnEUX80dF
EwWhybpzNvqZNScriRaVRg7nAOzhNKIDWaURhwE0cbEO3FVBCRIYeEcOpzRq0B1h
vNxQQp5zxZzEBtkatNkpdnErVA7gP2vwszcBlGYoQIaOguOQ7KCcApXENF0Xbj7u
l6N0cjgCHpewRfFTXeWktbKBmEL39928lz7qDe5LW2oYLBAW6envxmqzMQRgZFvm
EarsjHot5fVMvgTW0PKDW5isMzS1hFxo9Y7iBbUzYHOwyEXmf2wAl+alsPy+eqAv
IGIaK4fZ1GWNkgIzY6r8bNwxnTepn7yk/381aKuSX2Q0XUBgintmoQ==
=nSFE
-----END PGP SIGNATURE-----
