Users receive a spoofed email purporting to come from the security department at AOL claiming that the company suffered a security breach over the weekend and that confidential information may have been compromised.
The email also requests users to connect to a website to download and install a new 'security patch', which will 'protect their information'. The spoofed message reads:
'Failure to download this security patch in the next 48 hours will result in the temporary suspension of your America Online account. At this point we will send you a Security Patch CD in the mail. Upon installing it, your account will be reactivated.'
When users click on the link, they are redirected to a website hosted in Scotland which downloads a piece of malicious code, named patch.scr, written in Visual Basic and using Yoda Crypt.
When the file is run, a wizard opens to guide users through the disclosure of their confidential account and billing information, including their account limit. Once this information is obtained, it is sent in a text file via FTP to an account at a hosting facility.
Ross Paul, product marketing manager at Websense, said: "This is a blended threat that we haven't seen before. It combines the threat of a security breach with a link to a download that masquerades as a patch but in fact requests sensitive user information.
"The kind of questions it asks should alert you to the fraud because your provider already has those details."
HP and Centrica are the first industry partners to sign up to the government's new Code
New ice grows faster but is also more vulnerable to weather and wind
With a crackdown on cheats is coming in November, PUBG rushes to fix matchmaking problems introduced in Update #22
New material uses carbon dioxide from the air to repair and reinforce itself