The worm arrives in an email implying the user has logged onto illegal websites, it asks the user to click on a link to some FBI questions, and instead downloads its malicious payload.
"These emails do not come from the FBI," said the Bureau in a statement. "The FBI takes this matter seriously and is investigating. Users receiving emails of this nature are encouraged to report to the Internet Crime Complaint Center."
Finnish anti-virus firm F-Secure suggested the emails are related to the Sober-K worm that SC reported yesterday.
The FBI advised users not to open attachments from any unknown senders.
The news comes in the same month that the FBI was forced to shut down its www.fbi.gov email system, run by an outsourced company, because of a possible security breach.
"These accounts are used for non-sensitive, non-secure communications and do not impact secure internal and external FBI email accounts. The FBI has suspended use of these fbi.gov accounts pending completion of a review of the matter," the Bureau said in a February 4 statement.