A spam campaign that poses as a virtual postcard delivery is being used to lure surfers into infecting their PCs with a Trojan horse.

Windows users who follow the web link in the junk emails are roped into visiting a website which exploits well known vulnerabilities to install the Clsldr-D [1] Trojan horse and other malicious code onto vulnerable PCs. The malicious emails are being sent from a variety of domain names.

"There's a very real risk that some people will think one of these emails is from a long forgotten friend or work colleague and follow the link out of curiosity," said Graham Cluley, senior technology consultant for anti-virus firm Sophos. "If you receive an unexpected virtual postcard it may prove wise to simply delete it."

The use of bogus e-cards to deliver malware is fairly uncommon but not unprecedented (examples here [2] and here [3]). The revival of the tactic illustrates that malware these days is delivered as often through maliciously constructed websites as via infected email attachments. ®

Related stories

UK trojan siege has been running over a year [4]
UK under cyber blitz [5]
VXers love Britney Spears - official [6]
Skulls Trojan poses as security code [7]
Bogus Jackson suicide bid claim used to spread malware [8]
Guerilla marketing tactics spawn viral fears [9]
E-card slimeware delivers pr0n [10]

Links

1. http://www.sophos.com/virusinfo/analyses/trojclsldrd.html
2. http://www.theregister.co.uk/2002/10/25/guerilla_marketing_tactics_spawn_viral/
3. http://www.theregister.co.uk/2002/10/25/ecard_slimeware_delivers_pr0n/
4. http://www.theregister.co.uk/2005/06/17/niscc_warning/
5. http://www.theregister.co.uk/2005/06/16/uk_cyber-blitz/
6. http://www.theregister.co.uk/2005/06/14/celebrity_virus_chart/
7. http://www.theregister.co.uk/2005/06/13/skulls_trojan_f-secure/
8. http://www.theregister.co.uk/2005/06/10/jackson_trojan_spam/
9. http://www.theregister.co.uk/2002/10/25/guerilla_marketing_tactics_spawn_viral/
10. http://www.theregister.co.uk/2002/10/25/ecard_slimeware_delivers_pr0n/