Department of Justice Phishing Campaign

US-CERT has received reports of a phishing campaign that involves targeted email messages claiming to be from the Department of Justice. The emails include messaging that is designed to convince recipients that they are the subject of a business complaint filed through the Department of Justice. Initial reports indicate that as many as 20,000 users, representing a wide range of companies in the US, Canada, and Australia, have been targeted.

The reports also indicate that a Department of Justice template is being used in these attacks.  The Department of Justice released a statement on its website indicating that it does not, and would not send that type of information to the public via email.  The statement includes an example of the template being used.

To help protect against this type of attack, US-CERT recommends that users never open attachments or click links contained in unsolicited email messages. More information on how to avoid becoming a victim of such an attack can be found in the US-CERT Cyber Security Tips Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Attacks.