Aaron Johnson Now with 50% less caffeine!

IE Greeting Card Exploit Post Mortem

From the interesting people list back a couple weeks ago, an analysis of an E-card hijack spam.

I downloaded a.exe out of curiousity, and have been analysing it. The file contains a number of very interesting strings, which make it quite obvious that this program attempts to hijack the user’s personal login information as they log in to various popular Internet banking services.

This article scared me into using Firefox.

HTML emails can be quite a pain, specially those from people you don’t expect. Unfourtunately, at work, we have to use Outlook. I found this link on MS’s website to force Outlook to view emails in plain text. Althought I don’t see your “average” user going this far to protect themselves, mostly because they are not aware of what is going on behind the scenes.