Bogus email looks like FBI document
Spreads to contacts in address book
It’s being called the worst computer worm of the year — a fast-spreading Internet threat that looks like an official email from the CIA or FBI but can leave your computer wide open to intruders.
It must be a very effective social engineering method. My corporate e-mail address has been getting hit about 10 times an hour and I keep it well guarded. Must mean that other company systems are getting infected, not just individuals.
It works through the Shiva method. For instance you go for the low hanging fruit first, phone someone, say you see their computer is at danger, they will try to help you any way you want. The computer is a rock solid bastion, the person behind it maybe is another n33b, then the data on this secured computer maybe not so secure at all. Use your fantasy or train the end-user to work according to strict protocols: never talk to strangers, always say you will call back, secure hardware physically, etc. etc., else the human firewall is broken.