Posted by Virus Bulletin on Jul 9, 2007
Latest spam run masquerades as malware warning and fix.
The group behind last week's Fourth of July spams are thought to be behind another campaign this week, with messages claiming to warn of malware infections detected on the recipient's system, and a trojan waiting to be downloaded if a link to an alleged patch is clicked.
The spams use subject lines like 'Virus detected' or 'trojan alert', and suggest that malware is behind some 'suspicious activity' which has been spotted on the system by an unspecified 'robot'. Links marked 'install this patch' lead to web pages, via specific IP addresses rather than DNS names, which carry exploits attempting to infect vulnerable systems.
More details on the latest campaign, including screenshots of the spams, are here from F-Secure or here from Websense.
Posted on 09 July 2007 by Virus Bulletin
