July 21, 2006From the FBI...NOT!
Here is a malware propagation message I received that is bound to catch plenty of unsuspecting folks off-guard:
We have logged your IP-address on more than 30 illegal Websites.
Please answer our questions!
The list of questions are attached.
*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 283-2717
There is a 3.2 kilobyte file attached called Questions_List.zip. Viral analysis shows it to be a Trojan loader—a tiny program that reaches out to a specific place on the Internet and downloads more nasty stuff that takes over your computer.
Probably 80% of Internet users don't know what an IP address is, and 99% of Internet users wouldn't know that your IP address (which is usually logged when you visit a web site) does not reveal your email address. Technically, the content of this message is bogus, but it sure sounds possible to the non-geek.
By the way, as I'm a proponent of checking the least forgeable part of an email message's header to see where the message really originated from, I can say with high confidence that the United States FBI does not send mail through a German email server. That's where the one I received came from (probably another compromised PC).Posted on July 21, 2006 at 11:57 AM