Monday, November 28, 2005

CIA Spoofed By Virus-Containing E-mail

If a bit odd, it looked official. Apparently thousands of e-mails, which purported to be sent by the CIA Public Affairs Officer Steven Allison arrived in computer users e-mail inboxes across the country and elsewhere around the world over the past several days, including that of Advance Indiana editor Gary R. Welsh. The message claimed that the CIA had “logged your IP-address on more than 30 illegal websites.”

The recipients were directed to answer questions from a document attached to the e-mail. The attachment, which Welsh wisely did not open, contained a virus. The address and phone number for the CIA’s Office of Public Affairs followed the note. The return e-mail address was

Upon calling the Public Affairs Office, an automated voice male message instructed e-mail recipients to immediately delete the e-mail from Steven Allison. The auto attendant told callers that the e-mail was a fake, and that the CIA did not send the e-mail.

A prominently displayed message on the CIA’s homepage reads as follows: “Some members of the public have in the past few days received a bogus e-mail falsely attributed to CIA's Office of Public Affairs. CIA did not send that message. In fact, it does not send unsolicited e-mail to the general public, period. If you have gotten such a message, we strongly encourage you not to open the attachment, which contains a destructive virus.”

According to Information Week, the virus attached to the e-mails is a variation of the long-running Sober worm. The FBI has similarly been spoofed by the virus-containing e-mails. The creators of the virus are suspected of being from Germany according to Information Week.

No comments: