Spammers tout 'nude' Angelina Jolie pix

Angelina Jolie is the latest lure in a campaign of malicious spam

Antivirus experts have warned of a new wave of spam messages that use fake events related to Angelina Jolie in order to trick users into downloading and installing malware.

Researchers at Romanian firm BitDefender said that this latest campaign is mostly carried via spam messages based around alleged adult video footage of the movie star.

In order to watch the 'movie', users have to download a file called 'video-nude-anjelina.avi.exe' which is infected with Trojan.Agent.AGGZ.

The spam message comprises an explicit image of Jolie, along with text claiming that the email has been sent as part of the MSN Featured Offers programme.

The message attempts to play a double role by trying to trick the user into thinking that this is a legitimate news message and by preventing spam filters from labelling the entire email as spam.

"The spam wave is part of a larger category of unsolicited messages that rely on social engineering techniques in order to lure unwary users into installing Trojans," said Vlad Valceanu, head of BitDefender anti-spam research.

"This type of attack seems to be extremely successful, as the number of messages has quickly escalated over the last couple months.

"In order to achieve their goals, spammers usually rely on international celebrities and their pictures, along with catchy yet fake news leads."

This is not the only incident involving Jolie. The actress recently gave birth to two children, and spammers took advantage of the event in order to infect more computers.

The spam campaign following the event announced that Jolie gave birth to no fewer than five children, and even offered users a link to a website allegedly hosting a small video of the event.

Once on the respective page, users were shown an image masquerading as a Flash video player.

But when the user landed on the compromised webpage, the download started immediately without any user intervention - a procedure also known as drive-by download.

The binary file was infected with Trojan.Downloader.Exchanger.Gen.1, a piece of malware that has been widely used in another spam campaign promoting an alleged antivirus utility called Antivirus XP 2008.