E-Mail Fraud Scheme Targets FTC

Internet fraudsters have taken aim at the Federal Trade Commission, an agency that’s waged campaigns to help people avoid e-mail scams.

Yesterday, the FTC issued a warning about a bogus e-mail that appears to come from the commission’s fraud department.

The e-mail says it’s from “frauddep@ftc.gov,” and includes an attachment, when downloaded, and links, when clicked on, will unleash a software virus. The subject line, in many instances, read: Complaint update for [name of e-mail recipient] (Case id: #6473) .

The virus, the FTC says, apparently installs a keystroke logger program, which could enable a scammer to obtain an unsuspecting person’s passwords and account numbers.

Jackie Dizdul, FTC spokeswoman, today said thousands reported the malicious scam.

It is not the first attack against FTC. “It’s somewhat standard, spoofing an institution that people respect, such as a bank, a well-known e-commerce site, the IRS or FTC,” Dizdul said.

Government agencies have been taking measures to securegovernment e-mail messages, including one initiative to certify mail.

Some 150 federal agencies certify e-mail using Goodmail, although the FTC isn’t a customer, according to David Atlas, Goodmail’s senior vice president of worldwide sales. He’s quick to point out that certified mail wouldn’t have prevented this week’s scheme targeting the FTC.

“Anti-phishing, anti-spam, and anti-virus technologies filter out bad mail, and we see the limitations of those filters,” he said, thus giving rise to Goodmail’s technology that certifies e-mail from a trusted source. In December, Goodmail expects to deliver one billion certified messages, up from 100 million in June

Related reading