WARNING: "Dell online store" trojan emails
Overnight many people were were slammed by Dell trojan spam and yes, I know of people who clicked on the link in the email.
Word is spreading about this latest attempt at social engineering, but I find it disconcerting that despite the email using an IP based URL, despite it having no graphics (even in HTML mode), and despite only cursory attempts being made to make the email appear legitimate, that people are still being fooled.
Info about the incident can be found at these URLs:
Australian Computer Emergency Response Team
Websense Security Labs .. "The site is encoding there code via Java Script which decodes to 8 different IFRAMES, all which attempt to load exploit code and download and install new malicious code. The site itself appears to be going up and down sporadically."
Dell's official blog and Dell Australia Web site
Below is a screen shot of the dangerous email, and a snippet of just one page of a GFI console that shows just how heavy the flood of emails was on one site ...