Email users are being warned to be wary of 4 July malicious spam messages playing off the American day of independence by security experts.
The Threat Research and Content Engineering (TRACE) team at email and Internet content security provider, Marshal, has identified a new spam greeting card that invites recipients to retrieve a greeting card that someone has sent them.
The recipient is asked to click on a web link in the message to access their greeting card. By doing so, they expose themselves to vulnerability exploits and an executable file named "ecard.exe". But TRACE has identified the file as a copy of the Storm Trojan, which compromises the user's PC and merges it into a botnet – a network of computers that can be commandeered remotely by a controlling server.
The Storm Trojan first appeared in January 2007. It quickly gained success and notoriety by using the guise of current affairs headlines to fool unsuspecting recipients into clicking on a link which lead to the Trojan. Examples of the headlines used included, "Saddam Hussein alive!" and "Chinese missile shot down by USA aircraft".
Bradley Anstis, Marshal product management director said: "Today's run of the Storm Trojan using the Fourth of July as its hook continues this theme of exploiting current events to entice unsuspecting email users into infecting themselves.”
Further details and advice on the Fourth of July Storm can be found on Marshal's TRACE Centre website.