CNET también está disponible en español.

Ir a español

Don't show this again

Security

Spam postcard delivers surprise

Security research firm Sophos says a spam postcard making the rounds has the potential to steal sensitive personal information.

A spam postcard is making the rounds can deliver an unwelcome message if opened, said security research firm Sophos on Tuesday. The malicious postcard has the potential to engage in identity theft should Windows users click on the embedded Web site link.

The spam postcard spoofs the name of a friendly sender and prompts the recipient to click on a link to a Web site presumably presenting the postcard, according to Sophos. But users receive a nasty greeting when a Trojan horse on the link installs malicious code on the user's computer by exploiting a flaw in Internet Explorer. The code allows the attacker to steal personal information that may be stored on the user's machine.