MSN Worm Distributes Malicious Links, Redirects Users to Phishing Site

by Albin on August 21st, 2009 in Security Alert.

I believe that every person who has used IM-clients for a while is familiar with messages like the one shown below. These messages are auto-generated by worms which harvest people's address book/contact list.

The text often includes the word “picture” together with a malicious link. The link above uses the camera company Canon as a part of the link to look legitimate. The link redirects the user to a page where they are asked to fill in an e-mail address and password. They also use non-obtainable pictures in a private gallery as bait.


To test the scam out, I used a fake e-mail address (lololo@hotmail.com) together with a weak password (123456). I checked the Internet traffic while pushing the "Sign in" button. Both the password and e-mail address were posted to remote servers in plain text.

Sent Package: (email=lololo@hotmail.com&password=%C2%B4123456).

The conclusion of the test is obvious: the criminals get hold of all the confidential information needed to access your personal e-mail account.

Albin

Lavasoft Malware Labs

No votes yet

x

Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to lavasoft.com
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now