The main feature of this e-mail is that the sender name is "FBI", and sender's e-mail address is tampered "fbi.gov".
If the receiver downloads and executes attached compressed file, user PC can be infected by malicious file.
2. Spreading path and symptoms of infection
Sender's "*****" consists of random numbers and it changes each time.
"document.zip", e-mail attachments, contains "document.exe" its decompressed form.
"document.exe" is disguised as a document type file and using PDF file's icon to deceive user.
The user will be infected after executing "document.exe", and this malicious file will access certain web site and try to download and install pusk.exe inducing user to pay.
* Download additional malicious file
Installed malicious program is masqueraded as a Windows recovery program, which tries to show fake error detection and treatment requiring screen. Finally it will induce user to pay.
Fake Anti-Virus program is also well known form of these malicious programs. This usually induces user to pay for treatment with showing fake windows' status being infected from malicious file. Recently, it shows fatal error screen in user's PC, therefore users have to be careful using internet.
3. How to prevent
To use PC safely from security threats of these malicious files, we recommend following tips "Security management tips" for general users.
document.exe : Trojan-Downloader/W32.FraudLoad.18432.AY
pusk.exe : Trojan/W32.Agent.510976.AB