CEO subpoena scam fires up anew

Phishers are sending e-mail messages to senior execs within companies, telling them they've been subpoenaed for a federal court case

By Robert McMillan, IDG News Service
April 17, 2008

Talkback

E-mail

Printer Friendly

Reprints

After tricking several thousand executives into downloading malicious software earlier this week, online scammers started up their subpoena phishing scam again Wednesday, but on a much smaller scale.

First reported Monday, the phishers send a small number of e-mail messages to senior executives within companies, often CEOs, telling them that they've been subpoenaed for a federal court case. The e-mails direct the victim to a Web site that is very similar to a legitimate California federal court page, but ending in "...-uscourts.com," rather than the "....uscourts.gov" Web domain actually used by federal courts.

Although they end with the same letters, the domains used in this scam are actually different from and not connected with the uscourts.com Web site, which offers access to court records in some jurisdictions.

The e-mail sent to executives is specially crafted to appear legitimate, a tactic called "spear-phishing." The emails include the executive's name, company's name and even the correct phone number.

Executives who click on the link in the e-mail are then told that they need to download a plug-in in order to read the subpoena. That plug-in is actually malicious software.

Although the U.S. federal court system uses email to communicate information about cases, subpoenas for new cases are not served via e-mail.

Verisign, which estimates that about 2,000 people were tricked by the scam on Monday, believes that Wednesday's attack was on a much smaller scale. Late Wednesday the company's iDefense group had tracked only about 100 infections, said Matt Richard, director of iDefense's Rapid Response Team.

Security experts have been fighting the phishers. By Tuesday they'd managed to get the first phishing Web site taken down, only to have the second one pop up on Wednesday.

Because the attack targets such a small number of victims, anti-spam companies have had a hard time filtering the e-mails and antivirus companies have been similarly pressed to block the malicious software that the attackers are using.

Late Wednesday, antivirus companies were not blocking this latest version of the malware, said John Bambenek, a security researcher at the University of Illinois at Urbana-Champaign and volunteer at the SANS Internet Storm Center.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

Why San Francisco's network admin went rogue

Can you really live without Microsoft Office?

San Francisco's mayor gets back keys to the network

Mac (in)security: How to secure Macs in business

>> Talkback: Have your say

Do you have the power to resolve technical issues with one call?
Watch this webcast to get an under-the-hood look at a remote support solution that enables the IT organization to be the engine that keeps your end users productive and your company running.

» Click here to view this Webcast

Zombie PCs Are Attacking Your LAN
A recent study showed that malware-infected zombie PCs are now a bigger threat to ISPs and Web infrastructure than DoS attacks. As this brand new IT Strategy Guide explains, an increased use of peer-to-peer techniques by the attackers has made it harder to fight back. Download now, compliments of Verio:

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Discover How to Provide Anytime, Anywhere IT Support - Remote employees unduly bogged down with technical problems can mean significant losses in productivity, revenue and satisfaction...
Class of Service: Myths and Misconceptions - There has been much discussion about the benefits of CoS; but, there are also common myths, which unless challenged, can...
Factors to consider when comparing DSL or Cable - As the demand for high-speed access increases, businesses are looking for cost-effective connection options for remote workers...
Getting in Compliance with Government Data Regulations - This Whitepaper explores these standards and regulations-some firmly in place, some emerging, others in the formative stage...
Refine your company's plan for a Business Disruption Event - Many firms fail to consider how lines of communication will stay open in the event of a BDE. Make sure your company's mobile...
Telepresence For The Enterprise - Companies today are facing an array of business challenges, including the growing number of remote and virtual employees;...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

•

Application development

•

•

•

•

•

•

•

•

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

CEO subpoena scam fires up anew

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
SGI - SGI Adaptive Data Warehouse: Building a High-End Oracle Data Warehouse Microsoft - Learn about the software-based VoIP solution from Microsoft. Vizioncore - Complete Solutions for Virtual Server Management Microsoft - Meet Windows Server 2008. The server unleashed. HP - Whitepaper: How IT Quality Managers Respond to SOA Change Xerox - Experience the colorful side of business at www.frugalcolor.com IBM - Webcast: Take control of your content- leverage MOSS HP - Whitepaper: Software Quality Management for SOA AT&T - Thinking about IMS AT&T - Factors to consider when comparing DSL or Cable AT&T - Going mobile with today's technology AT&T - What to expect from a Technology Assessment. Polycom - Telepresence For The Enterprise GoToMyPC - Research Brief: Providing Secure and Cost-Effective Remote Access AppAssure - Keeping the E-Mail Flowing Tripwire - Secure your virtual and physical environments with the same software. CA - Efficient - Flexible - Compliant PGP - Is Your Data Safe? Novell, IBM, and Intel - Solution for Open Virtualization Provides Server Consolidation Curl - IT Guide: Rich Internet Application (RIA) Security Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. Cirba - Advanced Workload Analysis Techniques		Rackspace - Go Green Without Sacrificing Server Performance CA - Manage your IT more effectively. AT&T - Measuring mobile productivity CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event Cirba - Consolidating Workloads onto Mainframes AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist