PSA: Spoofing a CIA Warning

(spoofing to transmit a virus)

Several staff have received emails that appear to be from the CIA. An example of the message is below:

—–Original Message—–
Sent: Wednesday, November 23, 2005 3:37 AM
Subject: You visit illegal websites

Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal websites.

Important: Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison
++++ Central Intelligence Agency -CIA-
++++ Office of Public Affairs
++++ Washington, D.C. 20505
++++ phone: (703) 482-0623
++++7:00 a.m. to 5:00 p.m., US Eastern time

While this email looks like it is from, rest assured that the CIA is not monitoring your Internet use. In fact, Internet use doesn’t even technically fall under the CIA’s jurisdiction…unless you are a terrorist.

This is an example of spoofing. Spoofing is commonly used by spammers and phishers to forge the From line of an email address.

In this case, the email had a virus attached. One of the clues that the email is a fraud is the email address that the email was sent to is not a valid email address. Another clue is the inconsistent capitalization — the “w” in we should have been capitalized. Phony emails also frequently have misspelled words in an attempt to sneak past junk mail filters.

In this case the “sphisher” (have I invented a new word) was sending a virus. If I would have opened the attached file then I would have gotten the virus on my computer. Luckily, PLCMC has sophisticated anti-virus and email filtering software installed, so the attachment never even made it to my Inbox.

When is doubt always close the email (or better yet don’t even bother to open it), and go to the home page where the email appears to have come from. A quick trip to brought up this message on their home page:

Some members of the public have in the past few days received a bogus e-mail falsely attributed to CIA’s Office of Public Affairs. CIA did not send that message. In fact, it does not send unsolicited e-mail to the general public, period. If you have gotten such a message, we strongly encourage you not to open the attachment, which contains a destructive virus.

For more information about phishing make sure to read Helene’s post on 11/18/05 about Bank of America and a phishing fraud, and if you have time take a look at this article:

About Lori Reed

Lori Reed, coauthor of Workplace Learning & Leadership: A Handbook for Library and Non-Profit Trainers, is a learning and communication strategist with more than twenty years experience in learning and development. A 2009 Library Journal Mover & Shaker and a 2010 "One to Watch" for paralibrarians, Lori graduated cum laude from East Carolina University with a Bachelor of Science in Communication. Lori is a certified Synchronous Learning Expert and a North Carolina Master Trainer and has traveled across North America speaking about libraries and training.

Speak Your Mind