The Federal Bureau of Investigation issued a warning about the
scam yesterday, advising that the agency does not send out
unsolicited emails to the public.
The emails read:
Dear Sir/Madam,
We have logged your IP-address on more than 30 illegal
websites.
Important: Please answer our questions! The list of questions are
attached.
Yours faithfully,
Steven Allison
Federal Bureau of Investigatios - FBI -
Another version of the email appears to come from the Central
Intelligence Agency, while a third version, in German, purports to
come from a German law enforcement agency.
The emails began appearing on Monday and, according to internet
security firm Sophos, by 2pm yesterday the worm accounted for over
61% of all viruses reported to the firm, making it the most
prevalent virus spreading across the world.
According to security firm MessageLabs, which intercepted over
2.7 million copies of the new variant yesterday, the email directs
users to open the attachment, which once opened delivers the Sober
virus payload. It then spreads by searching the infected computer
for other email addresses to send copies of itself to.
"This variant of the Sober worm may catch out the unwary as they
open their email inbox this morning," said Graham Cluley, senior
technology consultant at Sophos. "Every law-abiding citizen wants
to help the police with their enquiries, and some will panic that
they might be being falsely accused of visiting illegal websites
and will click on the unsolicited email attachment.”
As ever users are advised not to open unsolicited emails or
attachments and to keep their security software updated.
