PLEASE NOTE: The 'From:' e-mail address mentioned for each e-mail on this page, is often a spoofed e-mail address and not necessarily the true origin of the malicious e-mail. Any links displayed in the e-mail below are only used by the spammer as the anchor text for the dangerous link and is not necessarily the website responsible for the malicious software.
Date: 27 August 2007
Sender: User iotnvthjra <firstname.lastname@example.org>
Subject: Dude, what if your wife finds this?
Contains a link to: video.exe
You need to take this offline, it is in everyones email. :-( take a look, lol... http://www.youtube.com/watch?v=sTWXyOtwzBP
YouTube being used (abused) to draw attention to the malware file. Certainly something to make the recipient of the e-mail curious enough to click on the link. The web page automatically launch the malicious application and when the automatic execution fails, you receive a page with a friendly "click here" message containing a link to the malicious file. The achor text of the link (http://www.youtube.com/watch?v=sTWXyOtwzBP) is actually a dead link. This is only done to disguise the real link, so you won't go anywhere near YouTube if you click on it.