That warning comes from antivirus firm Sophos and security vendor Sunbelt Software. The malicious spam comes in the form of an email from "email@example.com" with the subject line "Internet Explorer 7 Downloads."
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The email displays an image that invites users to download beta 2 of the browser. But those who click the image will instead download a file called ie7.0.exe, which is infected by malware Sophos calls W32.Grum-A.
Grum infects executable files referenced by run keys in the Windows registry, Sophos said. When run, it copies itself to
Sophos Senior Technology Consultant Graham Cluley said attackers continue to use such tricks successfully because many users still haven't learned to be suspicious of unsolicited emails.
"The problem is that to the casual observer the email looks genuine, and the image displayed looks near-identical to the imagery that Microsoft is using on its Website to promote Internet Explorer 7," he said on the Sophos Website. "Clicking on the image, however, doesn't download the real beta -- but malicious code straight from the hackers."
This is the latest in a series of threats to plague Windows users in recent weeks.
Thursday, Microsoft acknowledged that attackers are using a new, unpatched flaw in Internet Explorer to compromise machines running a number of versions of Windows, including Vista.
Craig Schmugar of McAfee Inc.'s Avert Labs said in a blog posting that the lab has received a sample of one piece of malware that targets that flaw.
"Preliminary tests demonstrate that Internet Explorer 6 and 7 running on a fully patched Windows XP SP2 are vulnerable to this attack," he said. "Windows XP SP0 and SP1 do not appear to be vulnerable, nor does Firefox 2.0. Exploitation happens completely silently.
Last week, Microsoft also acknowledged last it's investigating reports of another flaw in Vista. That flaw reportedly affects Windows Mail on all versions of Vista. Cupertino, Calif.-based antivirus giant Symantec Corp. said attackers could potentially exploit a design flaw to delete files or shut down the victim's computer.
And two weeks ago, Israeli vulnerability researcher Aviv Raff warned of a flaw in Internet Explorer 7 that could be used to launch phishing expeditions.