We all are used to hearing that you should open email attachments but now we have to be worried about people being tricked into uploading malicious scripts to their web sites too.

SANS Diary is warning of a new scam circulating that targets email addresses listed in WHOIS. The emails attempt to trick the recipients to upload an attached php file to their web server and then open the page in their web browser. There is no mention of what the php file does yet, but I’m guessing its almost certainly capable of giving the attacker access to the web server and/or attempts to load malware on the recipients’ computer.

[tags]email security, attachments, virus, worm, php, phishing, malware, exploit, vulnerability, email[/tags]

usrbingeek is a Commercial, Wedding, and Portrait Photographer in Vermont and is also a Global Admin on the WyldRyde IRC Network. WyldRyde offers a free chatroom that can be added to any web site or blog and is home to the Lockergnome Chat.