Using the Treasury Secretary in a Phishing Scam

Somebody tried to pull a fast one on World Bank officials by e-mailing them a letter supposedly from Treasury Secretary Tim Geithner about China monetary policy, according to the Wall Street Journal.

The trick had nothing to do with plans to stop the foreign country from skewing the trade balance by manipulating China's currency. It was a phishing scheme intended to infiltrate World Bank computers via a malicious file attached to the e-mail.

The Journal's blog item reads:

"The virus was detected in an attachment sent to several World Bank officials in what appeared to be an email from Treasury undersecretary for international affairs Lael Brainard.

'Dear Colleagues,' read the email, which World Bank officials warned in an message to others was part of a 'phishing' email attack. "Please find attached letter from Secretary Geithner. We are thinking about our positions."

The email, which contained an attachment, was signed "Thankyou [sic], Lael."

. . .The attachment "contained a virus, which World Bank officials described as 'a serious threat to Bank Group information systems' in an email reviewed by the Wall Street Journal."

Phishing is a type of online scam in which a fraudster -- posing as a legitimate person or organization -- sends an e-mail to acquaintances of the legit party that directs them to a bogus website purportedly belonging to the established entity. The fake site asks users to enter personal information, such as passwords, that the perpretrator then steals.

Here are some perhaps safer Treasury attachments that the World Bank staff may want to read:

• You Can Fight Identity Theft
• Fraud and Insider Abuse