May 12, 2010
First a user receives a spam message containing a link to a file that can be downloaded in a Google group created by criminals. Various social engineering tricks can be applied to lure the user into downloading this file. For instance, the message may inform you that e-mail access parameters have been changed and you need to download a manual before your proceed with editing your account information. You may also be notified that your e-mail account has been compromised and the instructions file will provide you with information on how to deal with this situation.
Once a user clicks on the link, he gets to the page containing a download link to the file. The file can contain modifications of Trojan.Fakealert (fake anti-viruses).
If you try to follow such a link in several hours after the bulk of spam messages has been sent out, Google Group will inform you that the page you are about to open may contain spam. However, choosing "I would like to view this content" will allow you to access the download page. Therefore access to the malicious file is not disabled.
Doctor Web recommends users of Dr.Web software to use caution whenever you get a message from an unfamiliar sender especially if such a message concerns your e-mail account information or other personal data.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.