We’ll always have Paris..

Maybe there are signs emerging that Lara Croft actress Angelina Jolie is no longer the sweetheart of malware authors.

Although recently we have seen a stream of Jolie-related malware campaigns (often spelling her forename Anjelina, and offering XXX-rated free naked videos of the mother of Brad Pitt’s children), a new attack is being seen right now exploiting the fine name of celebrity airhead and hotel empire heiress Paris Hilton.

The emails, which arrive with a subject line like “Paris Hilton Free Video”, have a message body including a clickable link entitled “Paris Hilton Scandal Home Video!”.

If the very thought of checking out Paris’s scandalous home videos gets your mouse finger all-a-twitching then you may find before you know it you are downloading a file called Paris-nude-video.avi.exe.

The good news is that Sophos is there to save you, detecting the malware proactively as Mal/TibsPk-F.

The modus operandi being used by the cybercriminals here isn’t unusual. As we describe in the recently published Sophos Security Threat Report we see many examples every day of the bad guys spamming out emails, containing links to malware on websites.

The fact that 90% of malware is found on legitimate websites that have been hacked underlines that it’s essential to not only protect your email from malware, but your web browsing too.