Tag Archives: Federal Bureau of Investigation

Fraud/Malware Alert: Intelligence Bulletin No. 267

Here is some text from a fraudulent email that’s been popping up lately:

INTELLIGENCE BULLETIN No. 267
Title: New Patterns in Al-Qaeda Financing
Date: August 15, 2009
THREAT LEVEL: YELLOW (ELEVATED)

THE INTELLIGENCE BULLETIN PROVIDES LAW ENFORCEMENT AND OTHER PUBLIC SAFETOFFICIALS WITH SITUATIONAL AWARENESS CONCERNING INTERNATIONAL AND DOMESIC TERRORIST GROUPS AND TACTICS.

HANDLING NOTICE: Recipients are reminded that FBI Intelligence Bulletins =ontain sensitive terrorism and counterterrorism information meant for us= primarily within the law enforcement community. Such bulletins are not =o be released either in written or oral form to the media, the general p=blic, or other personnel who do not have a valid ?eed-to-know?with=ut prior approval from an authorized FBI official, as such release could jeopardize national security

All the spelling errors and odd characters are exactly as they appear in the message.

Do I even need to tell you this one is fraudulent?

If so, it is.

Furthermore, the message often contains a file named “bulletin.exe.” If you open this file, it will install malicious software on your computer, which can lead to serious problems (like fraud and identity theft).

The FBI does not email official reports, nor does it send unsolicited email messages. If a document is confidential, they’re going to keep it that way.

Whenever you get an email message you weren’t expecting, from someone you don’t know, use extreme caution when dealing with it. My advice is to not even open unsolicited messages, and delete them right away. However, at the very least, never click on links or open attachments in emails unless you already know what the file (or link) is, why it’s being sent to you, and who sent it.

Fraud Alert: The Internet Crime Complaint Center (IC3) warns of new fraudulent email

United States Attorney General Eric Holder’s name is being used in a new fraudulent email currently making the rounds. Below is an excerpt from the IC3 Intelligence Note:

The current spam alleges that the Department of Homeland Security and the Federal Bureau of Investigation were informed the e-mail recipient is allegedly involved in money laundering and terrorist-related activities. To avoid legal prosecution, the recipient must obtain a certificate from the Economic Financial Crimes Commission (EFCC) Chairman at a cost of $370. The spam provides the name of the EFCC Chairman and an e-mail address from which the recipient can obtain the required certificate.

The full text of the Note further explains that the government does not use email to contact people in this way. I would also add that the FBI and the DHS are not going to let people suspected of terrorism or money laundering buy their way out of trouble for $370.

Not even the FBI Director is above falling for a phishing scam

I spend a lot of time on this site repeating (explicitly or implicitly) these two ideas:

  1. You can take steps to vastly reduce your chances of becoming a victim of fraud or identity theft
  2. That said, nobody is ever 100% safe, and nobody is “too smart” to walk right into a scam

The following is an excerpt from a recent speech by FBI Director Robert S. Mueller, III:

Most of us assume we will not be targets of cyber crime. We are not as careful as we know we should be.  Let me give you an example.

Not long ago, the head one of our nation’s domestic agencies received an e-mail purporting to be from his bank. It looked perfectly legitimate, and asked him to verify some information. He started to follow the instructions, but then realized this might not be such a good idea.

It turned out that he was just a few clicks away from falling into a classic Internet “phishing” scam—“phishing” with a “P-H.” This is someone who spends a good deal of his professional life warning others about the perils of cyber crime. Yet he barely caught himself in time.

He definitely should have known better. I can say this with certainty, because it was me.

After changing all our passwords, I tried to pass the incident off to my wife as a “teachable moment.” To which she replied: “It is not my teachable moment. However, it is our money. No more Internet banking for you!”

If I didn’t dislike vapid clichés like “it really makes you think” so much, I’d probably say that right now. I mean, it would be funny (but not ha-ha funny) enough if someone like myself fell for a phishing email, but the FBI Director?

I think the Soup Nazi-esque “no online banking for you!” response is extreme, although I can see how a high-profile figure like Mueller could have his reasons beyond just his own personal finances for going offline—namely, his very credibility.

For the rest of us, though, online banking and bill payment is still very safe, as long as you’re informed when it comes to the dangers. If you get an email that appears to be from a financial institution, don’t click on any links within that message. Go directly to that bank, credit union or credit card company’s website by typing the URL manually, or by running a search on Google, and log in from there. Of course, if it’s from an institution you don’t even have a relationship with, you’re pretty safe in assuming it’s phony.

The full text of Mueller’s speech is an interesting read, if you have a few minutes, by the way.