Home Malware United States District Court Subpoena Malware Email

United States District Court Subpoena Malware Email

by Brett M. Christensen

Email purporting to be a subpoena from the United States District Court informs recipients that they must appear and testify before a Grand Jury. 

False – Malware scam email

Example:(Submitted, April 2008)

Subject: Subpoena in case #79-440-HOY

AO 88(Rev.11/94) Subpoena in a Civil Case
United States District Court Federal Seal

Case number: 79-440-HOY
United States District Court
YOU ARE HEREBY COMMANDED to appear and testify before the Grand Jury of the United States District Court at the place, date, and time specifiied below.

Place: United States Courthouse
880 Front Street
San Diego, California 92101

Room: Grand Jury Room
room 5217

Date and Time: May 7,2008
9:00 a.m. PST

Issuing officers name and address: O’Mevely & Meyers LLP; 400 South Hope Street, Los Angeles, CA 90071

Please download the entire document on this matter(follow this link) and print it for your record.

[LINK REMOVED] This subpoena shall remain in effect until you are granted leave to depart by the court or by an officer on behalf of the court.

Any organisation not a party to this suit thas is subponaed for the taking of a deposition shall designate one or more offcers, directors, or managing agents, or other persons to testify on its behalf, and may set forth, for each person designated, the matters on wich the person will testify. Federal Rules of Civil Procedures,20(b)(6).

Failure to appear at the time and place indicated may result in a contempt of court citation. Bring this subpoena with you to the courtroom and oresent it to the bailiff. Direct any questions to the person requesting you to appear: City Prosecutor.

Screenshot of scam email

Subpoena Malware Email

This seemingly official email purports to be a subpoena sent by the United States District Court. The message claims that the recipient must testify before a Grand Jury at a specified place and time. The recipient is instructed to follow a link in the message to download and print a complete copy of the subpoena document. 
However, the message is not from the United States District Court. In fact, the message is an attempt to trick recipients into installing information-stealing malware on their computers. U.S. Courts has published the following alert about the bogus emails on its website:

Notice: Invalid Subpoenas

Reports have been received of bogus e-mail grand jury subpoenas, purportedly sent by a United States District Court. The e-mails are not a valid communication from a federal court and may contain harmful links. Recipients are warned not to open any links or download any information relating to this e-mail notice. The federal Judiciary’s email address is uscourts.gov. The e-mails in question appear to be sent from a similar address that is not owned and operated by the federal courts. Law enforcement authorities have been notified.

Unlike more common mass email malware campaigns in which bogus emails are randomly distributed to many thousands of recipients at a time, these malware emails specifically target individuals. Each bogus message is individually tailored to include the name and business details of the intended victim. The inclusion of such personal information, along with seemingly legitimate logos and formatting may help to fool recipients into believing the claims in the message.

Those who follow the link in the message can inadvertently download and install malicious software that can log keystrokes on the infected computer and communicate with a remote server.

Legitimate subpoenas are not distributed via unsolicited emails. Fraudsters have used similar ruses in the past in order to trick victims into installing malware or revealing personal information. Internet users should be very cautious of any unsolicited emails that claim to be from government entities such as the court system, tax department or law enforcement.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,