New E-Mail Attack: Automatic Installations Bypassing Antivirus Alerts

Avinti, a developer of proactive e-mail security solutions, has issued a security alert about a new e-mail attack that disguises malicious code behind a seemingly harmless e-greeting. Is this just another one of theses attacks which tries to trick users in downloading a virus? What I found interesting that the articles states that theses types of emails should not be considered Spam. What do you think? This also brings up the question should spam filter's try to block theses emails or is it the responsibly of anti-virus software?

"Clicking on the Web site address link in the e-mail triggers an installation of one or two files on the user's machine, designed to capture user data. There is no user intervention required; the download is automatic," said Dave Green, Avinti's CTO. "The e-mail appears as plain text but most e-mail clients pick up the plain-text URL and highlight it for the user to click on," he added. "So the e-mail, as plain text, will pass through other antivirus (AV) gateways completely undetected. In case the Web address doesn't get highlighted, the e-mail also encourages users to copy and paste the URL into their browser."

The link for this article located at tmcnet is no longer available.