Lavasoft Affiliates

Lavasoft Affiliate Program

MSN Worm Distributes Malicious Links, Redirects Users to Phishing Site

I believe that every person who has used IM-clients for a while is familiar with messages like the one shown below. These messages are auto-generated by worms which harvest people’s address book/contact list.

The text often includes the word “picture” together with a malicious link. The link above uses the camera company Canon as a part of the link to look legitimate. The link redirects the user to a page where they are asked to fill in an e-mail address and password. They also use non-obtainable pictures in a private gallery as bait.

To test the scam out, I used a fake e-mail address ( together with a weak password (123456). I checked the Internet traffic while pushing the “Sign in” button. Both the password and e-mail address were posted to remote servers in plain text.

Sent Package: (

The conclusion of the test is obvious: the criminals get hold of all the confidential information needed to access your personal e-mail account.


Lavasoft Malware Labs

24/08/2009 - Posted by | 1 | , , , , , , , , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: