Do you use Yahoo Groups?
Do not open any email that says "New Graphic Site" in the subject line.
From
The Register:
JavaScript worm targets Yahoo!
A JavaScript worm that takes advantage of an unpatched vulnerability in Yahoo!'s webmail service has been discovered on the net.
The JS-Yamanner worm spreads when a Windows user accesses Yahoo! Mail to open an email sent by the worm. The attack works because of a vulnerability in Yahoo! Mail that enables scripts embedded within HTML emails to be run within a user’s browser instead of being blocked.
Once executed, the worm forwards itself to an infected users' contacts on Yahoo! Mail. It also harvests these address and sends them to a remote internet server. Only contacts with an email address of either @yahoo.com or @yahoogroups.com are hit by this behaviour.
Infected emails commonly have the subject line "New Graphic Site" and are spoofed so as to appear from "av3@yahoo.com". Users who open infected emails will be redirected to a webpage at www.av3.net/index.htm.
Nasty stuff!
Posted by DaveH at June 13, 2006 1:34 PM