September 1, 2011

Return of the FTC Malicious Email campaign


Websense Security Labs™ and the Websense ThreatSeeker® Network have detected malicious emails posing as a consumer complaint notice from the Federal Trade Commission.    


Using names of government agencies as a ploy in this kind of malicious attack is anything but new.  We have reported that both the National Security Agency and the Federal Reserve were used in malicious campaigns.  The Philippine Bureau of Immigration's Web site got compromised early last month, and was even hosting a malicious file.  

The FTC campaign was first reported a few years back. It's interesting that in this case, as in other campaigns Websense Security Labs  has seen, the content of the messages is almost always the same.  The exact email format seen in this case (shown above) was also used a few years back.  One sure thing that's different is the binary involved.  Malware authors constantly change the malicious file involved in their campaigns. The malware is poorly detected by AV engines.


Websense Email Security and Websense Web Security protect against these kinds of blended threats with ACE, ourAdvanced Classification Engine.


Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

Read more articles by Forcepoint

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.