Federal Subpeona Email Hoax from Subpoena@uscourts.com Snares CEOs

The Internet Patrol - Patrolling the Internet for You

Service by email of a subpoena does not constitute legal service, yet thousands of CEOs and upper-level executives across the United States have recently been taken in by an unwelcome email in their inbox. The email, claiming to be a Federal subpoena (or, if you’re from California, “subpena”) from “subpoena@uscourts.com,” bears the seal of the U.S. District Court, and demands the recipient present themselves at a grand jury hearing in San Diego on May 7th. In addition the email contains a link and the instruction that the linked document should be downloaded and printed.

Faced with this email, would you attempt to comply with the instructions, and click the link?


If you did, you would not be alone. Almost 2000 of those who received the email are estimated to have clicked on the link, falling prey to a targeted “spear-phishing” attempt that downloads to their computer and those networked to it a virus designed to gather passwords, financial account and credit card details, and other similar private information.

A number of those targeted executives paused before clicking on the link and called the U.S. Courts Administrative Office for clarification, which responded by posting an alert on its web site, reminding readers that the Courts are a federal institution and therefore any email would come from a .gov and not a .com domain, and that in any case grand jury subpoenas delivered by email are not valid communications.

Verisign’s iDefense Labs, a cyber-security operation, has been keeping their eye on this and similar phishing attempts, appearing to come from other District Courts, from the Internal Revenue Service and from the Better Business Bureau. Working with law enforcement, network forensics investigators have followed the trail to a Singapore-based server, though no further information is available at this time.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

While this particular group of criminals weren’t too literate, as their emails contained a number of waving red flags, among them gross grammatical errors and misspellings, sooner or later a well-written evil email will be sent. Let us remind our readers, regardless of position in company hierarchy, to always follow safe email practices.

  • Never open, forward, or reply to suspicious-looking emails. Just delete them.
  • Never open email attachments or click on a link in an email unless you’re confident you know exactly what they are; confirm with the sender if not completely sure.
  • Keep your antivirus, firewall and adware-defense software updated.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.