Business & Finance
News
10/29/2007
05:51 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Spam Spoofs FTC E-Mail To Distribute Keylogger

While the e-mail includes the FTC seal, it has grammatical errors, misspellings, and incorrect syntax.

The Federal Trade Commission, which regularly goes after spammers for violating the law, Monday warned that a spammer is sending out bogus e-mail messages that purport to come from the FTC.

The FTC said that the fraudulent e-mail makes reference to an FTC complaint supposedly filed against the message's recipient. The message includes links and an attachment that download a virus.

"Simply opening the e-mail does not appear to cause harm," said the FTC. "However, it is likely that anyone who has opened the e-mail's attachment or clicked on the links has downloaded the virus on their computer, and should run an anti-virus program. The virus appears to install a 'key logger' that could potentially grab passwords and account numbers."

The apparent originating e-mail address, frauddep@ftc.gov, is fraudulent, according to the FTC, as is the information in the messages return-path and reply-to fields. "While the e-mail includes the FTC seal, it has grammatical errors, misspellings, and incorrect syntax," the FTC said.

The FTC has asked recipients of such messages to forward them to spam@uce.gov and then to delete them.

Last week, SophosLabs said that the United States relayed 28.4% of the world's spam, more than fives times more than the number two relaying country, South Korea (5.2%). "Relaying" in this context refers to computers, "zombies" typically, that send spam at the behest of a remote spammer, who may or may not be in the same country.

"The problem is there are thousands of spammers using many thousands of compromised zombie computers in the US," said Carole Theriault, senior security consultant at Sophos, in a statement. "The only way we're going to reduce the problem is if US authorities invest a lot more in educating computer users of the dangers, while ensuring ISPs step up their monitoring efforts to identify these compromised machines as early as possible."

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.