The worm, known as Storm, initially tried to trick recipients with a dramatic news story. By clicking on a link to the fake story, recipients would effectively open their PC's doors. Security companies fought back, but Storm mutated, turning up in the form of e-cards from known contacts.
Researchers from the security firm SecureWorks announced at this week's Black Hat conference in Las Vegas that they've been tracking the worm, and uncovered the scam behind it. Apparently the people behind Storm are using their growing network of infected PCs to spread encouraging news about penny stocks. People fall for the ploy, buy the stock and drive up the price. Then the Storm folks sell, and cash in on the difference. How to avoid falling prey? Follow the same directions we keep hearing over and over again: Update your anti-virus software and don't click through on suspicious links.—Gregory Mone