FBI Seal Federal Bureau of Investigation
""
Home Site Map FAQs

Contact Us
Your Local FBI Office
Overseas Offices
Submit a Crime Tip
File an Internet Crime Complaint
More Contacts
Learn About Us
Quick Facts
What We Investigate
National Security Branch
Information Technology
Fingerprints & Training
Laboratory Services
Reports & Publications
History
More About Us
Be Crime Smart
Wanted by the FBI
E-Scams & Warnings
More Protections
Use Our Resources
For the News Media
For Law Enforcement
For Communities
For Researchers
More Services 
Visit Our Kids' Page
Apply for a Job
 

Investigative Programs
Cyber Investigations
Cyber Program Home
Cyber Investigations
- Operation Websnare
- Online Fraud Statistics
- Anti-Piracy Warning Seal Information
- Peer-to-Peer Network Risks
FILE A COMPLAINT, through the Internet Crime Complaint Center
Online Child Pornography Program
- National Center for Missing and Exploited Children
- Parent's Guide to Internet Safety
FBI/Private Sector Partnership: InfraGard
PROTECT YOURSELF!
- New E-Scams & Warnings
- How to Avoid Common Internet Frauds
Cyber Stories

Cyber Investigations Home

New E-Scams & Warnings

CELL PHONE DATING SERVICE SCHEME

06/28/06 —The FBI has been alerted to newly discovered malware located at http://www.irrealhost.com. Malware is software designed to infiltrate or damage a computer system without the owner’s consent.

The identified malware lures victims to the website through a bogus text message sent to their cell phones. The message thanks recipients for subscribing to a dating service (which is fictitious) and indicates that a subscription fee of $2 per day will be automatically charged to their cell phone bills until their subscription is canceled at the online site.

Recipients visiting the site http://www.irrealhost.com to cancel their subscription are redirected to a screen where they are prompted to enter their mobile phone number and then are given the option to run a program that is supposed to remove their subscription to the dating service.

When the run option is selected on the website, the executable adds several files to the host and changes registry settings to open a backdoor port and lower Windows security settings. The host file is modified to prevent the victim from browsing popular anti-virus websites. The executable also turns the infected computer into a “zombie” network, which can be remotely controlled by the hackers.

If you have received this, or a similar hoax, please file a complaint with the Internet Crime Complaint Center.

PHISHING ATTACKS TARGETING MYSPACE.COM USERS

06/15/06—The FBI has become aware of phishing attacks targeting users of the popular social networking web site, www.myspace.com (MySpace).

These attacks have come in the form of a bulletin titled "CHECK OUT these old school pictures...." When a user clicks on the provided link to view the pictures, his or her web browser is directed to a screen that is an exact reproduction of the MySpace login screen. However, this offer and its corresponding web site are not affiliated with MySpace. These attacks may be a vector to introduce Malware—such as a Trojan virus—to steal financial information from recipients. And while MySpace users do not typically store financial information on their personal pages, phishers may be gambling that the login information for users' MySpace accounts is the same for other accounts at financial institutions, online auction web sites, or online payment systems.

Consumers should be very cautious when providing login information to web sites they did not directly visit. CONSUMERS ARE FURTHER ADVISED AGAINST USING THE SAME USER NAMES AND PASSWORDS FOR THEIR VARIOUS ONLINE ACCOUNTS.

FRAUDULENT E-MAIL PURPORTEDLY FROM THE FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC)

06/14/06—The FBI has received complaints concerning a spam e-mail purportedly from the Federal Deposit Insurance Corporation (FDIC). This scheme originally was unleashed in 2004, but currently is resurfacing. The e-mail claims:

  • In cooperation with the Department of Homeland Security and federal, state, and local governments, your account has been denied insurance from the FDIC due to suspected violations of the Patriot Act.
  • Recipients may verify their identities by clicking the provided link, http://www.fdic.gov/idverify/cgi-bin/index.htm.
  • Once your identity is validated, all suspensions of insurance on your account will be lifted.
  • Failure to complete the identity verification will result in termination of insurance on your account and all records of your account will be sent to the FBI in Washington D.C., for analysis and verification.
  • Failure to provide proper identity may also result in a visit from Homeland Security officials or the local, state, or federal government.

Be cautious of e-mails requesting personal and/or financial information. Information related to Federal Deposit Insurance or consumer issues should be submitted to the FDIC using its online Customer Assistance Form.

If you have received this e-mail or one similar, please file a complaint with the Internet Crime Complaint Center.

THEFT OF DATA FROM THE DEPARTMENT OF VETERANS AFFAIRS (VA)

06/02/06—The FBI has been advised of a theft of data from an employee of the VA. The FBI is issuing this alert in the event individuals claiming to represent the VA begin contacting veterans and asking them to verify personal information such as Social Security numbers, etc.

Please be advised the VA is NOT initiating telephone calls or sending individual e-mail to potential identity theft victims asking them to verify personal information. If you DO receive a telephone call or e-mail from a person claiming to represent the VA, DO NOT provide personal information over the telephone and DO NOT respond to these e-mail messages. For more information on the theft of the data and current attempts to resolve the situation, please visit the VA's website.

If you believe that you have been a victim of a crime related to the theft of the VA data, please complete the following questionnaire.

Additionally, if you think you are a victim of identity theft, here are the steps which you should follow in order to protect yourself and your financial situation:

  • If the crime in any way involved the U.S. Mail, contact your nearest U.S. Postal Inspection Service office and report it.
  • Call the fraud units of the three major credit bureaus and request a "fraud alert" be placed on your credit file. Check your monthly financial statements for accuracy.
  • Contact your banks and creditors—by phone and in writing—to report the crime. You may be advised to close some or all of your accounts. At the least, change your PIN and passwords immediately.
  • Record the names and phone numbers of people with whom you discussed your case and retain all original reports and supporting documents. Keeping accurate and complete records is a big step toward helping you resolve your problem.
  • Contact your financial institutions and request they flag your accounts. Instruct them to contact you immediately if there is unusual activity on your accounts.
File your complaint online with the Federal Trade Commission (FTC), or call its Identity Theft Hotline at 877-IDTheft (877-438-4338). The FTC has counselors to assist identity theft victims with resolving financial and other problems that can result from this crime.
FBI.gov is an official site of the U.S. Federal Government, U.S. Department of Justice.