Phishers ape anti-virus software vendor web pages
The principle of Potemkin Villages was the same, but now the trappings are different: phishers are increasingly aping the web pages of anti-virus software companies to carry out their fraudulent activities. They are sending spam e-mail advertising a free demo version of Trend Micro's anti-spyware product. As well as a detailed description of the benefits offered by the software, the e-mails also include a link to a deceptively genuine looking web page.
According to Trend Micro, the demo versions which can be downloaded from the website include malware in the form of TROJ_DROPPER.CNH, which downloads a spyware program, TSPY_AGENT.YZR. The web page does not request personal data, such as credit card numbers. The scam is nothing new in principle - virus authors frequently attempt to fool users with e-mails allegedly containing a link to an important update from Microsoft, which in fact conceals a virus.
Users should regard any e-mail containing a link with mistrust. Even where no data is entered on the web page to which the link points and no software is downloaded, users can still infect their PCs via vulnerabilities in Internet Explorer, Firefox or Opera.
- Trend Micro Web site - Phished!, Blog entry from Trend Micro