Phishing Attack Poses As Government Alert
By Stefanie Hoffman, ChannelWeb
8:16 PM EST Fri. Jan. 11, 2008
Phishers are casting their lines with a spoofed e-mail message claiming to be from the National Payroll Reporting Consortium.
The official-looking message claims that the recipients' company has made numerous misrepresentations regarding worker classification in an attempt to fraudulently lower workers' insurance compensation costs.
The e-mail then asks the recipient to fill out an attached form and fax it to the NPRC fraud department in order to resolve the issue. However, instead of a legitimate form, the attachment contains a Trojan downloader with a malicious Windows executable file.
The NPRC posted an advisory on its Web site warning visitors to be wary of the attack. In an effort to appear legitimate, the email contains the NPRC banner. "This email was NOT sent or authorized by NPRC, and is NOT associated with NPRC. It likely contains malware or viruses that could harm your computer if you click on any links contained in the email or open any attachments," the advisory states.
The attack was discovered by San Diego-based Websense, which specializes in Web, data and messaging security. Security experts contend that these kinds of phishing attacks are not as popular as they were in previous years.
"E-mails containing attachments are what we used to see in the past," said Stephan Chenette, Websense Security Labs manager. "We're seeing a lot less these days."
Chenette said that security trends indicate that attacks are increasingly occurring through malicious Web 2.0 applications. However, users are often brought to sites that contain malicious code after being enticed with a socially engineered e-mail message.
"Social engineering attacks will always be successful. They're banking on how users handle a particular scenario," he said. "In this particular case it was quite successful."
The NPRC attack is similar to previous highly publicized scams that have claimed to originate from governmental and nonprofit organizations such as the IRS, Better Business Bureau and the Department of Justice.
Security experts recommend that corporations invest in software that can monitor the Web sites visited by their employees.
"And home users just have to be knowledgeable," said Chenette.