EGUSD Information Security

The latest phishing campaign I have been seeing targets users of AOL Instant Messenger.    Users are sent an e-mail with a subject line reading something like “Your AIM account is flagged as inactive”.  If you open the message, the body of the email will read somehting like this:

Dear AOL Instant Messenger (AIM) user,

Your AIM account is flagged as inactive. Within the following 72 hours it’ll be deleted from the system.

If you plan to use this account in the future, you have to download and launch the latest update for the AIM. This update is critical.

In order to install the update use the following link. This link is generated exclusively for your account and is available within a certain period of time. As soon as this link is not available anymore you will get another letter.

Thank you,

AIM Service Team

This e-mail has been sent from an e-mail address that is not monitored. Please do not reply to this message. We are unable to respond to any replies.

Of course, downloading and running the application at the linked site merely installs a Trojan, which makes your computer a part of a bot-net and can be used to steal you personal and financial information.