February 22, 2007
CHIEF EXECUTIVE OFFICER (also of interest to Security Officer)
Fraudulent E-Mails Claiming to Be From the FDIC
E-mails fraudulently claiming to be from the FDIC or VeriSign, Inc.
are attempting to deceive financial institutions in to installing
unknown software on their computer networks.
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails
that appear to be sent from the FDIC or VeriSign, Inc. and ask recipients to run
a "security guard script" to secure Web sites. Currently, the e-mails are
purportedly from "FDIC Legal Information Technology," "FDIC Information
Security," or "Verisign Inc." and the subject lines include the phrase "Regular
Security Maintenance" or "Regular Hosting Security Maintenance." The e- mails
are fraudulent and were not sent by the FDIC or VeriSign, Inc.
The fraudulent e-mails state that "to secure your websites, please use the
attached file and (for UNIX/Linux Based servers) upload the file "vprotect.php"
in: "./public_html" or (for Windows Based servers) in: "./wwwroot" in your
site." The e-mails also provide instructions for recipients who "do not know how
to use" the file.
The FDIC is working with the United States Computer Emergency Readiness Team
to determine the exact effects of the executable file. Recipients should
consider this file to be a malicious attempt to collect personal or confidential
information. Financial institutions and consumers should NOT download the
executable file attached to the e-mails. Consumers and financial institutions
should report any similar situations by following the procedures below.
Information about counterfeit items, cyber-fraud incidents and other
fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial
Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or
transmitted electronically to firstname.lastname@example.org.
Questions related to federal deposit insurance or consumer issues should be
submitted to the FDIC using an online form that can be accessed at
Sandra L. Thompson
Division of Supervision and Consumer Protection
Distribution: All FDIC-Insured Institutions
NOTE: Paper copies of FDIC Special Alerts may be obtained through the FDIC's
Public Information Center (1-877-275-3342 or 703-562-2200).