Subscriptions | RSS Feeds | Discussions | Polls | Site Map




All Threats

Viruses

Hackers

Spam
Whole site    Viruses
  
Virus Encyclopedia
Riskware
Alerts
Analysis
News
Glossary
Weblog

 
Archive

<< 2009  
Jan Feb Mar
Apr May Jun
Jul Aug Sep
Oct Nov  
About Diary's Authors
About Diary's Authors

The Analyst's Diary is a weblog maintained by virus analysts from Kaspersky Lab headed by Eugene Kaspersky. Find out more about the authors of this weblog.
Viruslist poll
How would you prefer to pay for your antivirus solution?
Using a prepay card
Via your mobile (SMS)
Via the Internet using a debit\ credit card
Using cash\ credit\ debit in a shop
Using an e-payment system (e.g. PayPal)
Other
  View responses
 

  Home / Weblog

Analyst's Diary

Unsubscribing from spam - still not a good idea


  Aleks       July 26, 2005 | 13:13  GMT

comments (2)  

Today I ran across an interesting piece of spam. The ending contained an offer to unsubscribe by clicking "here". Naturally, I clicked and landed on a web page (HTML) that supposedly checked my name against a database. The page then showed me the following message: "your address has been removed from the mailing list".

Sounds reasonable, doesn't it? But ... the end of the HTML file contains Exploit.HTML.Mht which uses the MHTML URL Processing Vulnerability to download malware: in my case it was Trojan-Dropper.Win32.Small.gr and Trojan-Spy.Win32.Banker.s.

Good reminder - never, ever unsubscribe from spam. At best you let the spammer know your address is live, and at worst you end up with an infected computer.

Read more:

Malware Evolution: January to March 2005
Microsoft Security Bulletin MS04-013

 

Copyright © 1996 - 2009
Kaspersky Lab
Industry-leading Antivirus Software
All rights reserved
 

Email: webmaster@viruslist.com