Trojan via postcard
by Nikola Strahija on June 30th, 2005 Virtual postcards are being used to lure surfers into infecting their PCs with a Trojan horse.
Windows users who follow the web link in the junk emails are roped into visiting a website which exploits well known vulnerabilities to install the Clsldr-D Trojan horse and other malicious code onto vulnerable PCs. The malicious emails are being sent from a variety of domain names.
-There's a very real risk that some people will think one of these emails is from a long forgotten friend or work colleague and follow the link out of curiosity, said Graham Cluley, senior technology consultant for anti-virus firm Sophos. -If you receive an unexpected virtual postcard it may prove wise to simply delete it.’
The use of bogus e-cards to deliver malware is a fairly new tactic. The revival of the tactic illustrates that malware these days is delivered as often through maliciously constructed websites as via infected email attachments.