Phishing Emails from US-CERT

Friday, January 13, 2012 @ 03:01 PM gHale


US-CERT issued a warning about a phishing email campaign coming from US-CERT.

“The subject of the phishing email is: ‘Phishing incident report call number: PH000000XXXXXXX’ containing an attachment titled ‘US-CERT Operation Center Report XXXXXXX.zip’, with the ‘X’ possibly indicting a random value or string,” US-CERT explained on its site.

RELATED STORIES
Trojan Acts like Carrier IQ Tool
Scareware Meets Smartphones
Smartphone Users: Malicious Apps Abound
Data Treasure on Old Smartphones

“The zip attachment contains an executable file with the name ‘US-CERT Operation CENTER Reports.eml.exe’. Reports indicate SOC@US-CERT.GOV is the primary email address being spoofed but other invalid email addresses are being used.”

The email went out to employees of private sector organizations and of federal, state, and local governments during the last few days, US-CERT officials said.

The attached executable is a yet unspecified type of malware and US-CERT advises users not to download and run the attachment, or even open the email in question, but just delete it from their inboxes — as they should with any other unsolicited email messages.



Leave a Reply

You must be logged in to post a comment.