Don't get infected on Valentine's Day
New versions of old scams debut today
There's Valentine's Day worms and phishing spam doing the rounds, and they're going to give you an infection you'd rather not have.
One phishing email - a new variant on an old trick - is spoofed to look like it comes from firstname.lastname@example.org, a well known e-card company. Click on the link, which claims you've been sent a Valentine's card, and a faked-up copy of that site's homepage tells you that "You don't have the latest version of Macromedia Flash Player".
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos and Symantec, are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date. ®