Facebook porn chicks and Skype payment spam

Graham Cluley
@gcluley

Yesterday I blogged about a widespread spam campaign that posed as a message to “Reset your Facebook password”, but was really designed to redirect you to a Canadian pharmacy website instead. En route you can also be hit by an exploit which attempts to load a booby-trapped PDF and slap you with an infected EXE file via some Java exploits.

Today it looks like the same gang have changed their disguise, spamming out many messages with the subject line “Problem with your payment” pretending to come from noreply@notifications.skype.com.

Clearly the “from” address has been forged, as is common with spam messages, and your suspicions should be aroused by the fact that there is no text in the body of the message but just an attachment called Skype.html.

Sophos detects the attachment as…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.