We are currently processing several thousand messages in yet another email spam campaign, this time related to Skype and all its goodness.
Unlike the other malicious campaigns we have seen recently, this one does not make use of an attachment, but instead provides the unsuspecting user with a URL to download add-ons for Skype, which are malicious. The URLs themselves are fairly new: the domains being used are no more than a month old. As a result of this they do not appear suspect, and with enticing and legitimate-enough names, a user could easily be misled into thinking these are for a good cause.
The structure of the email message looks very well composed, as it has all the necessary words to make it look legitimate as can be seen from the screenshot below.
The aim of this campaign is to lure users into divulging sensitive information such as credit card details, name etc as it provides the user with a payment page which masquerades as a url using ssl for secure payment as can be seen from the screen shots below.
Also see: No, you don’t need to pay to download Skype http://sunbeltblog.blogspot.com/2010/09/no-you-don-need-to-pay-to-download.html