US-CERT is aware of public reports of an active email scam. These emails, which appear to come from seemingly legitimate law firms, indicate that someone has filed a copyright lawsuit against the message recipient. The messages may contain malicious attachments or web links. If a user opens the attachment or follows the link, malicious code may be installed on the user's system.
US-CERT encourages users to take the following preventative measures to help mitigate the security risks:
- Do not follow unsolicited web links and do not open unsolicited email messages.
- Maintain up-to-date antivirus software.
- Use caution when visiting untrusted websites.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.