Security experts warned on Monday of a new insidious e-mail scam that features false information about a bomb explosion in the recipient's hometown and leads to a malicious Web site.
The subject lines include "Take Care!" and "Are you and your friends in good health?" The e-mail includes a link to what looks like a news article on a Reuters page about the bombing. But the Web page and the news are fake, according to e-mail security provider Marshal8e6 and antivirus firm Sophos.
The scammers are using IP address geolocation techniques to figure out what city the recipient lives in and are localizing the fake bomb news to that location.
Meanwhile, clicking on the fake Reuters video page leads to malicious Waledac code being downloaded on the computer, the security firms said.
Earlier this year, the Waledac worm tricked people with fake Valentine's e-mails.
The fake page circulating now also includes Wikipedia and Google search links as "Related Links" at the bottom in an attempt to make the page look legitimate. However, missing words in the text of the story and poor grammar are giveaways that the page is fake.