The US Federal Trade Commission (FTC) has issued a warning to businesses following the discovery of attacks which specifically target small and medium-sized firms.
The commission said that the malware attack uses phony complaint files said to originate from the FTC. The company is warning firms not to open the file attachments which come with unsolicited emails.
According to the FTC, the attacks claim to come from an FTC email address and disguises itself as a notice of a "consumer complaint" in an attempt to alarm companies and trick them into oppening an attached text file.
"The email falsely states that a complaint has been filed against their company," the FTC said in its alert.
"It contains a link to consumer complaints, a link to contact the FTC, and an FTC telephone number – but the email is fake."
The FTC is advising companies to delete any messages with the "notice of consumer complaint" subject line. Users who have opened the message are advised not to launch any file attachments and run anti-malware scans on their systems.
Though the FTC and other government agencies do not send official correspondence via unsolicited emails, such phony 'complaint' notices have become a favourite tactic amongst malware writers looking to infect the higher-value targets of enterprise systems.
Such attacks will likely be on the upswing in the coming months as the spring tax season begins to pick up and malware writers take to spoofing financial institutions.