Application security

FBI warns of three spam hoaxes

The FBI is warning citizens to be on the lookout for three separate email scams — including one that attempts to infect users with malware and two others that seek personal and financial information.

The biggest threat is posed by widespread emails claiming to include a greeting card attachment from friends, co-workers or family members, but unsuspecting clickers are instead diverted to a malicious webpage that attempts to exploit a vulnerability and upload malware, according to a FBI statement issued Tuesday.

Menashe Eliezer, who heads the detection center at anti-virus and anti-spam firm Commtouch, told today web-borne threats are getting more sophisticated.

Two other scams claim to be coming from the FBI or a U.S. military official. In the FBI example, the spammers offer lottery endorsements or inheritance money in exchange for a modest up-front payment, the warning said. Emails said to be coming from military leaders allegedly attempt to dupe recipients out of funds that will be used to benefit soldiers stationed overseas.

Spammers use legitimate-looking content, such as pictures and letterheads, to make the emails look like the real thing, the warning said.

"It’s an illegitimate form of marketing, but [spammers] have to deal with the same issues [as real marketers] in terms of getting people to answer their call to action," Rebecca Herson, Commtouch’s senior director of marketing, told today. "They’re trying to improve the look and feel of their campaigns the same way legitimate marketers are."

The FBI recommends users delete the "hoax" emails.

"Consumers need to be wary of unsolicited emails that request them to take any action, even if that means just clicking on an attachment," the warning said, adding that clicking could allow viruses or keyloggers to be installed on users’ machines.

Zulfikar Ramzan, senior principal researcher at Symantec, told that users should maintain an updated internet security solution, keep patches up to date and avoid following unknown links.

"These spam scams are particularly dangerous as many consumers consider communication from government agencies as credible," he said.

The FBI’s announcement was prompted by a high number of complaints lodged with the Internet Crime Complaint Center.


Click here to email reporter Dan Kaplan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.