Warning: Spam posing as CNN.com infects millions of PCs

There has been a major ongoing spam attack that has tricked users into clicking a fake message from a CNN.com Top 10 list. MX Logic, a Colorado security vendor, said the Top 10 list peaked at close to 11 million messages per hour one day last week, and has shown no signs of subsiding.

In fact, Sam Masiello, MX Logic's vice president of information security, told Computerworld that the attacks have morphed to include subject headings such "CNN Alerts: My Custom Alert" and have used a variety of file names in the malicious URL. Users who click on the links and download a bogus Flash update have been trapped in an endless loop of pop-ups. The only options for users then has been shut down their browser or and install malware.

For more on this threat:
- see this Computerworld.com article