F-Secure has noted that the folks behind the Storm worm have a new social engineering ploy on the go. They are sending out and email with an interactive dancing skeleton.
With an unpatched system, visiting the site will trigger an exploit to automatically download and execute a malicious file. The new filename is halloween.exe. We already detect this as Email-Worm.Win32.Zhelatin.LJ
I’m sure this doesn’t need saying but, I will anyway. Don’t click it if you get one.
[tags]Storm Worm, Malware, Virus, Social Engineering, Dancing Skeleton Email[/tags]