Claiming to have been alerted by an anonymous patron, the letter accuses email recipients of having child pornography stored on their hard drives and threatens to alert local authorities if a response isn't received within three business days.
Joan Irvine, executive director for ASACP, told XBiz she has no idea who is behind the spoofing attack or what the motive is, but that as of Sunday night she had received more than half a dozen complaints from people who were confused by the letter.
"I think it’s totally malicious," Irvine said, adding that the letter in no way resembles standard correspondences generated from her organization and even refers to child pornography as "child porn," a phrase that is never used by ASACP.
"We knew that as we became more visible, it might be more possible for such an attack to happen," Irvine continued. "It is sad that since ASACP is doing such a great job, they are trying to hurt our reputation."
Almost all responses to the spoofed email are from people saying they don’t visit adult websites and are concerned that they unknowingly have child porn on their systems. Irvine said that some recipients of the bogus letter included children and teenagers.
There is speculation that the spoofer obtained the list of email addresses through web-harvesting programs, although no adult lists were used.
ASACP is in the process of contacting the abuse and legal departments of all affected companies, requesting the header information of the email be sent to their customers so that forensic researchers can investigate the issue and forward information to the FBI.
Irvine is asking anyone who has received the spoofed email to please contact her immediately at Joan@ASACP.org.
