IE Greeting Card Exploit Post Mortem

From the interesting people list back a couple weeks ago, an analysis of an E-card hijack spam.

I downloaded a.exe out of curiousity, and have been analysing it. The file contains a number of very interesting strings, which make it quite obvious that this program attempts to hijack the user’s personal login information as they log in to various popular Internet banking services.

This article scared me into using Firefox.

One thought on “IE Greeting Card Exploit Post Mortem”

  1. HTML emails can be quite a pain, specially those from people you don’t expect. Unfourtunately, at work, we have to use Outlook. I found this link on MS’s website to force Outlook to view emails in plain text. Althought I don’t see your “average” user going this far to protect themselves, mostly because they are not aware of what is going on behind the scenes.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>