The e-mail looks harmless enough: A link to a greeting card that appears to be sent by a friend. But clicking on the link can place porn images on a desktop, download a barrage of x-rated ads, or send similar e-cards to those listed in Outlook’s address book. There is no downloadable e-mail attachments to install or programs to run. All the user victim has to do to get infected is go to a link.
E-mail marketers — many of them porn sites — are increasingly borrowing tactics used by hackers to trick potential customers into seeing their messages, anti-virus experts say. And often, they use Microsoft’s ActiveX Controls, which are meant to make Web pages more interactive, to instantly download their unwanted programs. [CNN]
How to limit ActiveX controls to avoid this kind of spam/atttack: [Cyber-Hood]