Thursday, November 24, 2005

FBI warns of fake e-mail worm

Techworld reports The FBI has put out an official warning about a new variant of the Sober worm spreading through e-mails that purport to come from the US investigation agency.

The FBI never sends unsolicited emails to people
The FBI advised computer users that the agency never sends unsolicited e-mails and that they should not open the attachments, which contains Sober.x - a variant that has now be given a "high risk" rating by security experts Secunia. The scam e-mail tells recipients that their Internet use has been monitored by the FBI and that they have accessed illegal Web sites, according to the FBI.
The FBI may be monitoring people that access some terrorist websites, but they don't contact people about it.
The e-mails appear to come from e-mail addresses including mail@fbi.gov, post@fbi.gov and admin@fbi.gov, then direct recipients to open an attachment and answer questions. The text of the fake e-mail says: "We have logged your IP-address on more than 30 illegal Websites.
Most ISPs dynamically change your IP either each time you call (for dial up access) or once a day (for broadband access) so you can't run a server on your connection, so it takes a lot of work in their logs (it is possible, but difficult) to associate an IP address with a customer.
Important: Please answer our questions! The list of questions are attached." The messages then include a fake name of an FBI official and the real address and phone number of the agency. Catherine Milhoan, an FBI spokeswoman, said that recipients of the hoax e-mails began calling the FBI's Internet Crime Complaint Center yesterday to ask if they were legitimate. About 4,000 calls were received by last night, with some callers saying they had already clicked on the attachment. Others were cautious and wanted to check with the FBI before opening the attachment. An investigation into the incident is continuing.

No comments: