Purported Sender
US Department of Justice

Spoofed Origin Email
complaintscenter@usdoj.gov

Content
“A complaint has been filled against the company you are affiliated to ( __________ ) in regards to the domain of business activity…”

Payload
“pdf_complaint.zip”

Graphic
Not Available

Nature of Attack
Email that provides a link to download a “complaint form” file, which contains malicious software

Description of Exploit
Installed malware to steal the following: stored IE passwords, protected storage credentials, outlook and outlook express passwords, remote desktop credentials. Also a variety of other tools.

Defensive Action
DO NOT click on the link to download the file-delete the email immediately. If you suspect that a PC has been compromised by this attack, immediately disconnect it from your network and run an anti-virus or anti-spyware utility (e.g., Trend Micro, Symantec, McAfee). Using a known safe PC, login to all online accounts you suspect may be compromised and change passwords.