Fake FTC e-mails harbor computer goblins

Agency personnel who click on their e-mail attachments too indiscriminately may be in for an unpleasant Halloween trick, according to the United States Computer Emergency Readiness Team (US-CERT).

E-mails appearing to be from the Federal Trade Commission have been making their way around the Internet and contain attachments that hold malicious miniprograms. Once activated by clicking on the attachment, these programs may log everything the user types, including sensitive passwords and account information.

Although the originators of the spoofed e-mails are unknown, they usually contain addresses such as frauddep@ftc.gov. The return-path and reply-to fields also contain FTC addresses.

US-Cert advises that users keep updated antivirus software and not click on attachments unless you know the sender is legitimate. The organization has a Web posting with additional tips for working with e-mail attachments.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.