Service by email of a subpoena does not constitute legal service, yet thousands of CEOs and upper-level executives across the United States have recently been taken in by an unwelcome email in their inbox. The email, claiming to be a Federal subpoena (or, if you’re from California, “subpena”) from “subpoena@uscourts.com,” bears the seal of the U.S. District Court, and demands the recipient present themselves at a grand jury hearing in San Diego on May 7th. In addition the email contains a link and the instruction that the linked document should be downloaded and printed.
Faced with this email, would you attempt to comply with the instructions, and click the link?
If you did, you would not be alone. Almost 2000 of those who received the email are estimated to have clicked on the link, falling prey to a targeted “spear-phishing” attempt that downloads to their computer and those networked to it a virus designed to gather passwords, financial account and credit card details, and other similar private information.
A number of those targeted executives paused before clicking on the link and called the U.S. Courts Administrative Office for clarification, which responded by posting an alert on its web site, reminding readers that the Courts are a federal institution and therefore any email would come from a .gov and not a .com domain, and that in any case grand jury subpoenas delivered by email are not valid communications.
Verisign’s iDefense Labs, a cyber-security operation, has been keeping their eye on this and similar phishing attempts, appearing to come from other District Courts, from the Internal Revenue Service and from the Better Business Bureau. Working with law enforcement, network forensics investigators have followed the trail to a Singapore-based server, though no further information is available at this time.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
While this particular group of criminals weren’t too literate, as their emails contained a number of waving red flags, among them gross grammatical errors and misspellings, sooner or later a well-written evil email will be sent. Let us remind our readers, regardless of position in company hierarchy, to always follow safe email practices.
- Never open, forward, or reply to suspicious-looking emails. Just delete them.
- Never open email attachments or click on a link in an email unless you’re confident you know exactly what they are; confirm with the sender if not completely sure.
- Keep your antivirus, firewall and adware-defense software updated.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
