PHISHING SCAM - CDC Sponsored State Vaccination Program for H1N1

CDC has received reports of fraudulent emails (phishing) referencing a CDC sponsored State Vaccination Program for H1N1. The messages request that users create a personal H1N1 (swine flu) Vaccination Profile on the CDC.gov website.

“The link provided in the email takes you to a very convincing looking imitation of a CDC web page where you are given a temporary ID and a link to your ‘vaccination profile’. The link is in fact an executable file that contains a copy of a Trojan most commonly identified as xpack or Kryptik.once installed on your PC, this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization. It also enables a remote hacker to take complete control of your computer.”

The messages are being received at a rate of 18,000 per minute, more than one million per hour.

CDC reminds users to take the following steps to reduce the risk of being a victim of a phishing attack:

* Do not open or respond to unsolicited email messages.
* Do not click links embedded in emails from unknown senders.
* Use caution when entering personal information online.
* Update anti-virus, spyware, firewall, and anti-spam software regularly.

Thanks to Lynne Weinstein McCollum, Legal Services Developer at Michigan Office of Services to the Aging, for passing along this timely information.