Back to Back Issues Page
Watch For Scams Newsletter. Malicious code in .gov email
February 15, 2011

Malicious code in .gov email

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Malicious Code in .gov Email

A recent malware campaign, disguised as a holiday greeting from the White House, targeted government employees. The recipients received the below e-mail with links to what masqueraded as a greeting card, but when they clicked on the link, it attempted to download a file named "card.exe."

The executable program proved to be an information-stealing Trojan, which would disable the recipientís computer security notifications, software updates, and firewall settings. The malware also installed itself into the computerís registry, enabling the code to be executed every time the computer was rebooted.

At the time of review, this particular malicious code sample had a low antivirus detection rate of 20%, with only 9 out of 43 antivirus companies reporting detection.

From: [mailto:]

Sent: Wednesday, December 22, 2010 10:33 PM

To: recipient's name

Subject: Merry Christmas, recipient's name

Recipientís name here,

As you and your families gather to celebrate the holidays, we wanted to take a moment to send you our greetings. Be sure that we're profoundly grateful for your dedication to duty and wish you inspiration and success in fulfillment of our core mission.

Greeting card:

hxxp:// hxxp://

Merry Christmas!


Executive Office of the President of the United States The White House 1600 Pennsylvania Avenue NW Washington, DC 20500

If you have been a victim of this type of scam or any other Cyber crime, you can report it to the IC3 website at: The IC3 complaint database links complaints for potential referral to the appropriate law enforcement agency for case consideration. Complaint information is also used to identity emerging trends and patterns.

Remember - always watch for scams!


Back to Back Issues Page