FYI...SPAM phish leads to malware
19 Jan 2012 - "Our partners at the City of Seattle sent us a warning* today about a phishing campaign which targets users very close to home - specifically, Seattle Washington. They're seeing spam mail circulating that claims to be from Seattle Department of Motor Vehicles, stating that the victim is charged with a traffic offense, and requesting that they fill out a linked form... If the link is visited
that attempts to exploit an issue in MDAC
(Microsoft Security Bulletin MS06-014) that was mitigated by a Windows security update in 2006. If the exploit is successful, it will download and execute a file named "info.exe" from the domain “doofyonmycolg .ru”..." (!?)
"... The City of Seattle does not have its own Department of Motor Vehicles nor does the Seattle Police Department send email notifications of a traffic violations..."
Search for "QuickTime" Leads to Phishing Site...
19 Jan 2012 - "... if you were to search for the term "QuickTime" today, the 31st resulting entry would lead to a typosquatted URL, which pulls content from a phishing URL
... Clicking this Google search entry sends you to a fake QuickTime download site... The "Download Now" button doesn't take you to the download page for QuickTime software. It directs you to a phishing site instead. This alleged music download site phishes your credit card information on the membership fee payment page. Be aware of the risks of using your credit card on random websites
to avoid such phishing attacks."