These scam emails tell the recipients that their internet use has been monitored after they have been caught accessing illegal web sites. The emails then direct recipients to open an attachment, which is actually infected with the virus, in order to answer questions about their supposed illegal surfing.
The emails appear to be sent from the addresses firstname.lastname@example.org and email@example.com and contain the latest variant of the W32/Sober virus that raids the infected PC for email addresses to send itself to. The virus travels in an email message with the subject line: "You visit illegal websites" or "Your IP was logged."
These emails did not come from the NHTCU, the law enforcement agency stressed: "Anybody who receives such an email should delete it without opening it."
Other organisations to have been similarly spoofed this week include the FBI and CIA in the USA and the German Bundeskriminalamt.
"Opening email attachments from an unknown sender is a risky and dangerous endeavour as such attachments frequently contain viruses that can infect the recipient's computer. The NHCTU strongly encourages computer users not to open such attachments," the NHCTU advised.