Why do I ask? Well, I got a spam/scam email today that pretends to be an alert from Microsoft, via the Secret Service that a backdoor has been found in Windows XP and that a patch has been released which will ‘fix’ this vulnerability.
Well, as you can imagine, the ‘patch‘ turns out to be a trojan/virus/worm thingy itself.
interestingly, this scammer uses imageshack.us to host his images. Here’s one:
The download site was WWW.WESTPAC-SITE.ORG which is hosted by one-and-one, a huge internet web hosting company and the rest of the details are probably spurious (Ian Arend from Victoria, Australia).
If you go to the westpac-site.org website, you find the beginnings of a Pharming operation, attempting to extract the PIN numbers of people’s credit cards for Bank of America accounts.
I have send emails to the relevant ISPs to try to get this site down as soon as possible, but people will get burned (unless that is, they see this posting first!)