The United States Computer Emergency Readiness Team (US-CERT) warns Internet users that they may receive a malicious email that seems to be sent from a legitimate email address belonging to the organization.
Local governments, state, federal and private sector organizations seem to be the main target of this latest phishing campaign that’s designed to gather sensitive information.
Baring the subject
Phishing incident report call number: PH000000XXXXXXX (where XXXXXXXX is a random numeric value or string) and apparently coming from an email address such as
soc@us-cert.gov, the malevolent message comes with an attachment.
The attached file is represented by a zip archive called
US-CERT Operation Center Report XXXXXXX.zip, which, when extracted, reveals an executable
US-CERT Operation CENTER Reports.eml.exe.
US-CERT will provide additional information as it becomes available, but in the meantime, internauts are advised to install antivirus software and make sure its virus definition database is always up-to-date.
Also, avoid opening attachments contained in emails that come from suspicious email addresses, especially if they contain executable files.
Find us on Google+
