Clark Howard probably gives great financial advice, or so I would assume given that he's got a syndicated show on the topic. But great financial advice doesn't translate into malware advice. A consumer phoned into his show and detailed a phishing email he'd just received. Instead of warning the caller about the perils of logging in via links in fake banking email, Clark told the caller he'd been infected by a keylogger. He then advised him to scan his system with Spybot S&D.

Spybot S&D is a good, and free, program for what it does - mainly focused on adware and spyware. But the spyware it detects is mostly along the lines of scareware and other commercial threats. There are a little over 175000 signatures in Spybot and well over two million malware, so the math is pretty easy here.

There's been a lot of talk about cyber warfare and it always seems to invoke the notion of one government attacking another government. A sort of esoteric, virtual battlefield far removed from our mundane ordinary lives. So probably we don't pay a lot of attention.

But true cyber warfare is so much more than that. It boils down to this: it's the economy, stupid. He (or she) who controls the economy controls the world.

Cyber warfare is being played out based on economic dominance. It is not about crippling military power. It is about gaining the advantage in global stock markets. And your company is on the front lines whether you choose to pay attention or not. But if you do choose to ignore it, the stock market losses will be yours.

Attackers are sending email disguised as correspondence from the Centers for Disease Control (CDC). The email claims an H1N1 vaccination registration is required. Those who comply with the request won't be registering with the CDC - instead they will be infecting their computer with a version of the Banker trojan, which steals usernames and passwords from your online banking sessions. Details here.

It's Thanksgiving Day so with some much needed downtime, I decided to login to my fire mage and play a little WoW (World of Warcraft). No sooner had I done so that I was greeted with the following message:

"Blizzor: Hello, Christmas is approaching. Blizzard released Christmas gifts players can receive free of charge. Please login: wwww.Blizz-Christmas.com."

Now, Blizzard does actually give free Christmas gifts to players - but it's done in-game, with all major cities sporting a huge tree and lots of presents to open. But the Blizzor message is a scam, www.Blizz-Christmas.com is a phishing site that masquerades as a Battle.net lookalike. The intent is to steal your game login credentials. The site uses all Blizzard links in its source code - except for the actual login button. This could trick some naive gamers into believing it's legit. But it's not. Logging in via Blizz-Christmas.com won't net you free gifts - but it will give the attackers your account for free.

The domain currently resolves to 210.72.225.118, an IP hosted in China.

Phishing scams can be difficult to stop. But it seems to me that Blizzard should simply ban any toon names with "Blizzard", "Blizz" or any similar derivative to reduce the likelihood of anyone falling for the scam.