FBI warns of Trojan-tainted resumes, other phishing scams

New phishing scams have become so alarming, they've sparked warnings from government agencies including the FBI and Department of Defense. The scams involve claims of Patriot Act violations, WikiLeaks threats, and faked resumes.

Although many people can recognize a phishing scam, countless more will fall for one. Three new ones have become so alarming, they've sparked warnings from various government agencies including the FBI and Department of Defense. The scams involve claims of Patriot Act violations, WikiLeaks threats, and faked resumes. All this to scare people to part with their money or take actions that will load malware onto their PCs (visiting a malicious Web site, opening an attachment).

The phishing fear factor:FDIC issued a special consumer alert about phishing e-mails supposedly sent by the FDIC that attempt to scare users with Patriot Act Violations. "The e-mail informs the recipient that 'in cooperation with the Department of Homeland Security, federal, state and local governments...' the FDIC has withdrawn deposit insurance from the recipient's account 'due to account activity that violates the Patriot Act,'" the alert states. Recipients are told to click on the link to "IDVerify" their account information or else their bank account will remain suspended. Consumers who visit the link are asked for sensitive personal information or malicious software infects their computer. These e-mails are fraudulent. Although the FDIC is investigating, it asked consumers to report such phishing attempts.Snopes documented an almost identical FDIC phishing scam in 2004. The IDVerify links opened to spoofed FDIC sites, but were traced to servers in Pakistan, South Korea, Seoul, Taipei and Taiwan.


Another scam meant to scare consumers into complying is related to WikiLeaks. The Spokane BBB warns of a phone scam that threatens consumers with fines and jail time. The described WikiLeaks-inspired phone scam goes like this: "A caller reported she received an automated phone call telling her that her computer and IP address had been noted as having visited the Wikileaks site, and that there were grave consequences for this, including a $250,000 or $25,000 fine, perhaps imprisonment." Then the consumer is presented with options to pay the fine. The FBI said "Caller ID is essentially meaningless" and reflects a spoofed phone number.

It's easy to phish by invoking the name WikiLeaks, because the truth of the government's reaction to its latest data dump continues to be bizarre. The Department of Defense (DoD) announced new guidelines for dealing with DoD employees or contractors who downloaded documents from WikiLeaks, according to PDF's of memos published by Secrecy News. The site reported that instead of having employees "sanitize" their own computers, the documents can be deleted by the IT department. The DoD memo [PDF] on the site states, "In the case of classified documents inadvertently accessed or downloaded from the WikiLeaks website or other websites posting WikiLeaks-related classified documents, the IAM [information assurance manager] will document each occurrence and delete the affected file(s) by holding down the SHIFT key while pressing the DELETE key for Windows-based systems."

Phishing scams targeting businesses:

The Internet Crime Complaint Center (IC3) posted a warning for businesses to be cautious about opening e-mailed resumes in response to their online employment postings. The FBI recommends for businesses to scan e-mail attachments for viruses and to "use separate computer systems to conduct financial transactions." IC3 explained FBI analysis of a case in which cybercriminals responded to job ad with malware attached to the resume. The company became infected with a Zeus Trojan that allowed cybercrooks to steal more than $150,000 via unauthorized ACH/wire transfers. SonicALERT reported the same CV Myresume.exe scam in July and warned, "The executable files inside the attachment has an icon disguised as a Microsoft Word document file."

Scams aimed at taxpayers:

Last but not least, at income tax return time, scammers and spammers will start to target victims with "too good to be true" tax evasion schemes. The IRS warns U.S. citizens that it is an obligation to pay income taxes and it's illegal to participate in schemes to avoid paying taxes. If you receive an unsolicited e-mail from the IRS, it's probably a scam.

Like this? Check out these other posts:

Follow me on Twitter @PrivacyFanatic

Copyright © 2011 IDG Communications, Inc.

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!