Return of the FTC Malicious Email campaign
Websense Security Labs™ and the Websense ThreatSeeker® Network have detected malicious emails posing as a consumer complaint notice from the Federal Trade Commission.
Using names of government agencies as a ploy in this kind of malicious attack is anything but new. We have reported that both the National Security Agency and the Federal Reserve were used in malicious campaigns. The Philippine Bureau of Immigration's Web site got compromised early last month, and was even hosting a malicious file.
The FTC campaign was first reported a few years back. It's interesting that in this case, as in other campaigns Websense Security Labs has seen, the content of the messages is almost always the same. The exact email format seen in this case (shown above) was also used a few years back. One sure thing that's different is the binary involved. Malware authors constantly change the malicious file involved in their campaigns. The malware is poorly detected by AV engines.
Websense Email Security and Websense Web Security protect against these kinds of blended threats with ACE, ourAdvanced Classification Engine.