Fake FTC e-mails harbor computer goblins
- By Joab Jackson
- Oct 31, 2007
Agency personnel who click on their e-mail attachments too indiscriminately may be in for an unpleasant Halloween trick, according to the United States Computer Emergency Readiness Team (US-CERT).E-mails appearing to be from the Federal Trade Commission
have been making their way around the Internet and contain attachments that hold malicious miniprograms. Once activated by clicking on the attachment, these programs may log everything the user types, including sensitive passwords and account information.
Although the originators of the spoofed e-mails are unknown, they usually contain addresses such as firstname.lastname@example.org. The return-path and reply-to fields also contain FTC addresses.
US-Cert advises that users keep updated antivirus software and not click on attachments unless you know the sender is legitimate. The organization has a Web posting with additional tips
for working with e-mail attachments.
Joab Jackson is the senior technology editor for Government Computer News.