Debunking email hoaxes and exposing Internet scams since 2003!


Issue 115 - June 2011 - Page 15

FBI 'You Visit Illegal Websites' Malware Email


Outline
Email purporting to be from the FBI claims that the recipient has been logged visiting illegal websites and is required to answer a list of questions contained in an attached file.



Brief Analysis
The email is not from the FBI and the attachment does not contain a list of questions as claimed. In fact, opening the attachment will launch a fake anti-virus program that tries to trick users into providing credit card details. The same ruse has been used to distribute worms or malware for several years.

Detailed analysis and references below example.



Last updated: 10th May 2011
First published: 10th May 2011
Article written by Brett M. Christensen


Example
From: FBI
Subject: You visit illegal websites


Sir/Madam, we have logged your IP-address on more than 40 illegal Websites. Important: Please answer our questions! The list of questions are attached.



Detailed Analysis
This email, which claims to be from the FBI, warns recipients that they have been logged as visiting more than 40 illegal websites. The message advises recipients to answer a list of questions that are supposedly contained in an attached zip file.

However, the email is certainly not from the FBI and the attachment does not contain a list of questions as claimed. Instead, the attachment harbours a fake anti-virus program that tries to trick users into submitting their credit card details. Once launched, this fake anti-virus program will supposedly scan the user's computer before displaying a message warning that the computer has a large number of serious virus infections. The message will also claim that the user must pay an immediate fee via a credit card before the anti-virus program can remove the virus infections. In fact, the supposed scan is entirely bogus and the viruses it "finds" do not exist. The fake program will continually display annoying and intrusive "virus warning" messages until the user pays up.

Some inexperienced computer users, first panicked by what they believe is a genuine message from the FBI, and then further panicked by dire warnings that their computer is riddled with dangerous viruses, may hastily hand over their credit card information.

And the FBI ruse is apparently an effective tactic for criminals intent on distributing worms or malware. Back in 2005, another email that also claimed that the recipient had been logged by the FBI as visiting illegal websites was used to distribute the Sober worm. In fact, the wording of the two emails is virtually identical. Only the malicious payload is different. Some of the Sober worm versions claimed that it was the CIA rather than the FBI that had logged the illegal website visits. In 2007, another malware campaign used emails that falsely claimed that the recipient was under investigation by the IRS.

Users should be very cautious of any email that claims to be from the FBI or another law enforcement or government agency. If you receive such an email, do not open any attachments that it may contain. Do not follow any links included in the email. Rest assured, if the FBI (or the CIA) has a problem with your online activities, it will not contact you via an unsolicited email.


References
Sophos - FBI says you've been visiting illegal websites? It's a malware attack
Sophos - What is Fake AV?
FBI Virus Emails - Sober Worm
IRS Criminal Probe Scam Emails


