Learn how the latest phishing scam looks like and how to avoid it

Jan 11, 2012 15:59 GMT  ·  By

The United States Computer Emergency Readiness Team (US-CERT) warns Internet users that they may receive a malicious email that seems to be sent from a legitimate email address belonging to the organization.

Local governments, state, federal and private sector organizations seem to be the main target of this latest phishing campaign that’s designed to gather sensitive information.

Baring the subject Phishing incident report call number: PH000000XXXXXXX (where XXXXXXXX is a random numeric value or string) and apparently coming from an email address such as [email protected], the malevolent message comes with an attachment.

The attached file is represented by a zip archive called US-CERT Operation Center Report XXXXXXX.zip, which, when extracted, reveals an executable US-CERT Operation CENTER Reports.eml.exe.

US-CERT will provide additional information as it becomes available, but in the meantime, internauts are advised to install antivirus software and make sure its virus definition database is always up-to-date.

Also, avoid opening attachments contained in emails that come from suspicious email addresses, especially if they contain executable files.