The newest method that is being highly utilized to trick people into becoming storm worm infected is by sending out e-mails regarding various "club" memberships. The e-mails typically contain some kind of member number, login ID, password ID, and a link to the malicious site. Here is an example:
Here is your membership info for Pet World.
Member Number: 11454551194824
Login ID: user3262
Password ID: xg341
Please Change your login and change your Login Information.
Click here to enter our secure server: Pet World
Clicking on the link within the e-mail offers an "applet.exe" file to download. This is a clear sign of the storm worm. The best security practice is to delete these e-mails and never click on links from an unknown source.
SANS Internet Storm Center
Posted by Kitch Spicer on August 23, 2007, in Handlers Log.