The latest Storm campaign uses fake YouTube links
to lure the unsuspecting to malicious sites.

According to security provider Marshal, the campaign made up around five percent of all emails sent in the last two days.

“This YouTube spam attack comes less than a week after the confirmation spam campaign. This group is definitely escalating its activity. We expect they will launch another campaign by the end of the week,” said Bradley Anstis, Marshal’s director of product management.

The email contains what appears to be a YouTube link, but instead it points to a site that uses what McAfee Avert Labs researcher Vinoo Thomas described as “a cocktail of browser and application exploits” in an attempt to install malware. If all that fails, the site encourages the visitor to download a Trojan with the filename video.exe.

Storm has gone through various iterations, attempting to fool users with bogus e-greeting cards (would you bother sending one any more?), fake login instructions (how many people would be tempted by the chance to use someone else’s credentials for a poker site, for example?), and now “friends’” recommendations of YouTube clips.

“It is only a matter of time before we see new campaigns targeting the current popularity of social networking sites like MySpace, Bebo and Facebook,” said Anstis.