Malicious cards, Brittany Murphy poisoned search hit web

Security researchers on Monday began warning internet users of a pair of unrelated threats whose goal is to install malware on victims' machines.

Prashant Kumar, a virus analyst at Sophos, said in a blog post that a new wave of spam purport to be Christmas-related electronic greeting cards sent from Hallmark. However, clicking on the link included in the message installs a trojan known as VBlnject.

More e-card scams are expected during the holiday season, experts said.

Meanwhile, the untimely death of actress Brittany Murphy has, as expected, given rise to a number of poisoned search attacks, said Dave Marcus, a researcher and communications manager at McAfee Avert Labs, in a blog post.

Through a technique known as blackhat search engine optimization (SEO), searches for phrases such as "Brittany Murphy dies" or "Brittany Murphy 8 mile" have resulted in a number of questionable results trying to lure users to websites pushing rogue anti-virus programs or other malware. The ploy is a common one for attackers hoping to cash in on a curious public seeking news on a major media story.

"This has been a well established trend throughout 2009," Marcus said. "It is a sad reflection that malware authors and scammers will use these events as lures to distribute their warez and site links."