Hackers have launched a malware blitz that poses as a 4 July greeting card.

Malicious emails, distributed worldwide, claim prospective victims have been sent an email greeting card, which they can view by clicking a link online. Varied subject lines based on US Independence Day are used to bait the ruse.

Users duped into clicking on the link within the infected email are taken to compromised sites hosting exploits that attempt to load a copy of the Storm Trojan onto vulnerable Windows PCs. The latest spam campaign is being launched from compromised machines, which have been turned into malware spewing spam bots.

The Storm Trojan, which first appeared in January 2007, uses a variety of eye-catching fake headlines to tricks users into visiting maliciously-constructed websites, a tactic that proved depressingly effective and has made the malware strain a major problem over recent months.

As before, users are advised to maintain up to date security software and avoid the temptation to visit links sent in unsolicited emails. ®

Related stories

• Guessing at compromised host numbers (25 September 2007)
• US claims top spam spot (9 July 2007)
• Turing test challenges spam filters (6 July 2007)
• Rival malware gangs wage turf war (1 July 2007)
• Unwanted e-card conceals a Storm (29 June 2007)
• Bush on cyber war: 'a subject I can learn a lot about' (26 June 2007)
• FBI logs its millionth zombie address (13 June 2007)
• Zombies infiltrate US military networks (16 April 2007)
• Stormy weather for malware defenses (7 March 2007)
• Imperfect Storm aids spammers (19 February 2007)
• Anatomy sheds new light on Storm Worm (9 February 2007)
• Dutch botnet herder fined €75K for sending 9bn spams (2 February 2007)
• Storm Trojan gang declare start of World War III (22 January 2007)
• Inboxes battered by Trojan spam deluge (19 January 2007)