The US Federal Trade Commission (FTC) has warned users about a malware scam which uses phishing emails claiming to be from the Commission.
The FTC said that attackers have been targeting small businesses with phony complaint notifications as a means for installing malware. The messages claim to be from the FTC and include an attached document file.
Users who are tricked into believing the notification will open the document, triggering an attack script and an attempt to infect the system with malware.
The FTC said that companies can protect against the attack by being weary of messages containing the "notification of consumer complaint" headline and never opening attachments in unsolicited or otherwise suspicious email messages.
"The email falsely states that a complaint has been filed with the agency against their company," the FTC said in a notification to businesses.
"The FTC advises recipients not to click on any of the links or attachments with the email."
Though the FTC and other federal agencies do not deliver important notifications and documents via email, such attacks have become a common technique for cybercriminals looking to infect users with malware packages.
Attacks which utilise phony government documents are particularly popular during the tax season. Attackers often impersonate tax agencies with malware laden "notices" and other fake documents to trick victims.