IT Security: new wave of spam uses contact books from free e-mail accounts

An e-mail from a friend is always welcome - but not when it is a fake and the content is malicious.

In the past week, users within our own group of companies have received e-mails purporting to be from friends that, when opened, contained links to web pages that immediately diverted to websites containing either dubious or dangerous content.

One, apparently from a user of hotmail.com, was sent repeatedly, each time with a different heading and each time with a different link to a page inserted into an innocent but insecure website.

Another, apparently form a user of yahoo.co.uk contained no subject and no message, just a link to the website of a hotel in Italy - but to an illegally planted page which auto-diverted to a .ru domain which scanners reported carried a malicious payload and blocked before it could download and install dangerous code, suspected to be a trojan.

This latter emphasised the nature of the danger: the user unthinkingly clicked on the link sent by a friend: in the absence of a message to hint that the mail was not genuine, there was nothing to suggest that it was not genuine.

It is not the first time something like this has happened: last year the account of a British government officer with hotmail.com was compromised in a similar way. The criminals are sneaky: they do not use the account at hotmail.com, etc. to send out their spam. The account is left visually untouched.