Newly found Vulnerabilities 04/17/08:
Federal Subpoena Spear-Phishing Attack
We are aware of public reports of a spear-phishing attack
circulating via email messages that claim to be federal subpoenas. These
messages appear to be legitimate because they can contain very specific
information about the message recipient. The message requests that the user
follow a link to download additional information about the case, but if a user
clicks on this link, malicious code may be installed on the system.
We encourage users to do the following to help mitigate the risk:
Review
the alert
posted by the U.S. Courts regarding this issue.
Do
not follow unsolicited web links received in email messages.
Install
anti-virus software and keep virus signature files up to date.