Websense Security Labs was warning of a Twitter-related spam attack that tries to install rogue anti-virus software on the victim’s PC.
According to V3.co.uk, the e-mails are made to look like a Twitter Password Reset Notification message. The message contains a link to a compromised website that instructs the user to download a malicious executable named “password.exe.”
The executable is actually fake anti-virus software called Protection Center Safebrowser, which has been designed to appear genuine by alerting the user that it has discovered malicious files. Says Carl Leonard, senior research manager at Websense Security Labs:
What distinguishes this campaign from others is that it displays on your desktop some of the malicious files it installs.
So far, Websense says it has discovered about 55,000 instances of the malicious spam e-mail.