Malware authors just opened their own holiday season. We received couple of reports of a new AIM worm spreading. The worm is simple and doesn't exploit any vulnerability; instead it relies on social engineering. The user will receive the following AIM message:
"This AIM user has sent you a Greetings Card, to open it visit:
<AOL link is spoofed to point to a hostile web site instead, where the privacy of the user could be affected >
Please be careful during the holiday period, avoiding all suspicious URLs and attachments in emails or instant messages.
New AIM Worm - Uses spoofed Holiday Greeting Card link