According to researchers at eleven, a German security firm, the new drive-by spam automatically downloads malware when an email is opened in the email client. The user doesn’t have to click on a link or open an attachment — just opening the email is enough.
The current wave of drive-by spam contains the subject “Banking security update” and has a sender address with the domain fdic.com. If the email client allows HTML emails to be displayed, the HTML code is immediately activated.
The user only sees the note “Loading…Please wait,” eleven says. In the meantime, the attempt is made to scan the PC and download malware.
Aside from updating their anti-spam and anti-malware tools, users can fight the new attack by deactivating the display of HTML e-mails in their email client, eleven advises. They can choose the option of displaying emails in pure-text format only.