One phishing email - a new variant on an old trick - is spoofed to look like it comes from services@americangreetings.com, a well known e-card company. Click on the link, which claims you've been sent a Valentine's card, and a faked-up copy of that site's homepage tells you that "You don't have the latest version of Macromedia Flash Player".
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos and Symantec, are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date.
http://www.channelregister.co.uk/2007/02/14/valentines_phishing/
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos and Symantec, are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date.
http://www.channelregister.co.uk/2007/02/14/valentines_phishing/
