Thanks to our readers for letting us know that they are receiving a good amount of some very authentic looking phishing spam.  Although the email appears to be from CNN again, the origination address is not even obfuscated. ISC Handler, Daniel had written a story about the "CNN - Top Ten" storm worm a few days ago.

isc.sans.org/diary.html

These sort of emails have one big thing going for them.  The ability to get that user to click.  The CNN brand is trusted and recognized by almost all of our users.  Anyone seeing this email may not think twice about clicking on the link unless we tell them not to.  What a great opportunity for user training.  Send out a short Security Awareness Email to your users and explain to them what it really happening.  Ask them to tell their kids too. 

Far too many people are making this a very profitable way for cyber-criminals to make money.   Try to help your end users understand how to spot a fraudulent email address, how to dissect a domain name and find a masked url address.  Just think about all the infections and exploitations you may prevent.

For more information see the Anti-Phishing Working Group website.

http://www.antiphishing.org/