The Internet Storm Center (ISC) “reports”:http://isc.sans.org/diary.html?storyid=4289 that CEOs have been receiving faux federal subpoenas via email. While there is an “online component”:http://en.wikipedia.org/wiki/CM/ECF to some case filings, ISC points out that initial contact is *always* made the old fashioned way, via snail mail. These emailed subpoenas turn out to be highly targeted spam, which includes a link to a badware site. This concept is not new, but it is somewhat interesting that these messages correctly correlate the email address of a CEO, that person’s name, and are formatted well enough that people have clicked through the badware link to accidentally download “this”:http://www.virustotal.com/analisis/13bfb6913f9c328c7b657fce4ba4c731. If you receive an email like this, ISC recommends doing some research and contacting a lawyer before clicking links.
On a more humorous note: do you remember that crazy night when you went out with friends? A spam-email is claiming to have videos of you [insert name here] romping around “in the buff”:http://www.itnews.com.au/News/NewsStory.aspx?story=74202! ITNewsAU was notified about this clever, and somewhat entertaining scheme, by “Marshal”:http://www.marshal.com/pages/securitycenter.asp, a security vendor headquartered in the UK. ITNews quotes Bradley Anstis, VP of products at Marshal, “The spammers are clearly hoping to shock unsuspecting recipients into investigating this compromising footage. In their haste to look into the claim, some people might not consider the message is malware.”
A variety of general thematic spam has started appearing on several current event topics from the Olympics to the US presidential primary. Symantec Corp predicted in “their recent”:http://www.symantec.com/business/theme.jsp?themeid=threatreport security report that the US presidential election will be oft-used by spammers, due to its high recognition with Americans.
Needless to say: be wary.
