Security

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Don't open that malware mail from the Feds that's not from the Feds, Feds warn

By Iain Thomson in San Francisco

49 SHARE

Some scammers may have bitten off more than they can chew after they tried impersonating the FBI to spread malware.

The Feds' Internet Crime Complaint Center (IC3) issued an alert on Wednesday warning that it has received numerous complaints from citizens who have received emails purporting to be from IC3. Each message states that the recipient is due money as compensation from a cyber-attack, and asks them to fill out the attached document with their personal details – and, yup, you guessed it – that file is laden with malware.

The email claims a Nigerian had been arrested by the FBI in Atlanta, USA, and that the recipient's email address had been found on the imaginary scammer's computer. All the mark has to do to pocket their windfall is return the document with their contact details and wait for the cash to arrive.

"At least three other versions of the IC3 impersonation scam have been identified," the FBI warned. "As of July 2017, the IC3 has received numerous victim complaints regarding the scam."

Two other variants of the emails are in circulation. One claims to come from the FBI IC3 office in Houston, Texas, and informs the lucky recipient that they are due $10.5m in compensation from banking fraud.

The third letter take a more threatening tone, saying that the IP address associated with the recipient's computer has been under investigation since September 2017 for online crimes. The receiver is instructed to fill out the enclosed booby-trapped form and return it.

So far the FBI says no one appears to have been financially hurt by the scam, and it is probing the con. Agents are also seeking out the scammers – and very few things piss off the G-Men like someone taking their name in vain. Expect arrests. ®

Sign up to our NewsletterGet IT in your inbox daily

49 Comments

More from The Register

Russian malware harvesting Telegram Desktop creds, chats

Python programmer may have outed himself on YouTube

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

US-CERT warns of more North Korean malware

'Typeframe' springs from the same den as 'Hidden Cobra'

Advanced VPNFilter malware menacing routers worldwide

Cisco's Talos team says 500k already pwned and leaking data

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

DOJ convicts second bloke for helping malware go undetected

Scan scam? Scram

Worker perks flinger Sodexo pulls Engage website after malware smackdown

UK information commish is investigating

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Password-stealing backdoor lobbed at Windows boxes

Who needs custom malware? 'Govt-backed' Gallmaker spy crew uses off-the-shelf wares

Likely state hackers make do with 'living off the land' and going after tardy Office patchers

Fancy Bear still Putin out new modules for VPNFilter malware

Talos turns up obfuscation, lateral attacks, and proxies