One e-mail claims you have ‘won a new iPhone’. Clicking on the
link however brings you to a page that attempts to exploit a number of
well known Internet Explorer vulnerabilities and then downloads a
malicious executable ’sys—-.exe’. This executable installs itself as a
service and upon review appears to be a spam bot. Anti virus coverage
was very spotty this morning but has improved during the day.
Another scam aims to convince readers they need to go and buy an
iPhone on what appears to be an Apple site (faked using a browser
helper object). Naturally the site does not belong to Apple and you end
up paying someone in Latvia. Sunbelt has a great writeup on this here.
Thanks to roseman for the link.
Powered by ScribeFire.