Thousands of high-ranking executives across the country have been receiving e-mail messages this week that appear to be official subpoenas from the US District Court in San Diego, the New York Times (NYT) reported on Wednesday.

Each message includes the executive's name, company and phone number, and commands the recipient to appear before a grand jury in a civil case.

A link embedded in the message purports to offer a copy of the entire subpoena. But a recipient who tries to view the document unwittingly downloads and installs software that secretly records keystrokes and sends the data to a remote computer over the Internet.

This lets the criminals capture passwords and other personal or corporate information.

Another piece of the software allows the computer to be controlled remotely. According to researchers who have analysed the downloaded file, less than 40 per cent of commercial anti-virus programs were able to recognise and intercept the attack, said the NYT report.

The tactic of aiming at the rich and powerful with an online scam is referred to by computer security experts as whaling. The term is a play on phishing, an approach that usually involves tricking e-mail users - in this case the big fish - into divulging personal information like credit card numbers. Phishing attacks that are directed at a particular person, rather than blasted out to millions, are also known as spear phishing.

The latest campaign has been widespread enough that two California federal courts and the Administrative Office of the US Courts posted warnings about the fake messages on their Web sites. Federal officials said they stopped counting after getting hundreds of phone calls from corporations about the messages. At midday on Tuesday, one anti-spam company, MX Logic, said in a Web posting that its service was still seeing at least 30 of the messages an hour.

Security researchers at several firms indicated that they believed there had been at least several thousand victims of the attack whose computers had been compromised.