The story: I posted a number of things on Craigslist today, two of which were guitar amplifiers. I received two responses within minutes of each other, on those amps, from two completely different email addresses - one being a Hotmail account, and the other a Live account. Both have the exact same message body:
"Will you trade for this?"
In each email, that "question" was followed by a URL (which I am not publishing for obvious reasons). I clicked on the links, which have the form "www.hostsimages.info/
It's hard to see in the image, but the page looks like it has some images that it wants to load, but can't for some reason. Also, Firefox has posted a message in the yellow banner bar that says:
Now, I've never heard of "Flash Image Loader", but it sounds legitimate enough - what I didn't notice until later is that it is supposedly sourced by a company called "AdobeFlash". Hmmmm. Fortunately, before clicking on the yellow bar, which would've downloaded a file, I looked at Firefox's status bar while hovering my mouse cursor over that message, and the actual download URL shown is "images201.com/imagex.exe". I have no idea what that executable is, but it sure isn't from Adobe and could literally be anything. (Googling "imagex.exe" comes up with a few things, but none of them have anything to do with Flash or Adobe.)
Finally: speaking of "Security Now", Steve has a post up on his blog about a recently discovered Adobe Flash exploit that everyone - yes, even you Mac types (and Linux types...) - needs to know about and take the appropriate steps for. Acrobat and (Acrobat) Reader are also affected, and the bad guys are already taking advantage of it. You can read about that here.