–FBI Investigating Cyber Theft of School District Funds
(September 25 & 28, 2009)
The FBI is looking into a series of cyber attacks across the country including several at public school districts in Illinois. The attacks may involve malware known as Clampi that is sued to steal bank account login data. The attackers stole $350,000 from Crystal Lake District 47′s bank account over the summer.

http://www.nwherald.com/articles/2009/09/24/r_81bg6yrarwyi8zmka9p1q/index.xml

http://www.computerworld.com/s/article/9138636/School_boards_hit_with_cash_stealing_Trojan?source=rss_security

(ED: The misspelling in the article is deliberate by SANS.)

Here’s the article from the SANS Newsbites column, Vol. 11, No. 77:

(I’ve pasted the whole thing here so that you can read it and also access the links at the end of the story)

–US-CERT Warns of Spam Pretending to be From IRS
(September 25 & 28, 2009)
The US Computer Emergency Readiness team (US-CERT) has issued an alert
warning of a spam attack in which the messages are spoofed to appear to
come from the US Internal Revenue Service (IRS) regarding underreported
income. The messages encourage the recipients to open an attachment or
click on a link to view their tax statement, but the attachment contains
malware and the link leads to a malicious website. The IRS warns people
not to open attachments in emails claiming to be from the agency. The
malware used in this attack is the Zeus Trojan horse program, which is
difficult to detect. Zeus is used to help cyber criminals steal money
from bank accounts.

http://www.computerworld.com/s/article/9138527/IRS_scam_now_world_s_biggest_e_mail_virus_problem?source=CTWNLE_nlt_dailyam_2009-09-28

http://voices.washingtonpost.com/securityfix/2009/09/irs_scam_e-mail_could_be_costl.html

http://www.us-cert.gov/current/#malicious_code_spreading_via_irs

Lesson: Be careful of how and what you type in the address bar.

EDIT: The site is gone.

TechCrunch article