Yet Again, Another Worm. Only This One Empties your Bank Account

by xjw_b12, 1 reply

  • xjw_b12

    It seems as if the bad guys have more tricks than you can imagine.

    Latest Trojan 'Phishes' For Personal Data
    By Antone Gonsalves, TechWeb News

    A new trojan that's an offshoot of a recently discovered Internet worm is attempting to empty PC users' bank accounts by duping them into disclosing personal information, an anti-virus company said Friday.

    Mmdload-A was distributed apparently through a mass mailing in an attempt to trick people into downloading the recently discovered Mimail-N worm, Sophos Plc said.

    The trojan is the latest looking to gather PC users' personal financial data, so that "the bad guys can completely drain their bank accounts," Chris Belthoff, senior security analyst at the Lynnfield, Mass.-based company, said.

    Mmdload arrives as a zipped attachment in an email that carries the same subject line and text as the Mimail worm. The message offers recipients the chance of winning cash, which will be deposited directly in their bank accounts, if they fill out the attached form.

    Clicking on the attachment launches a program named PAYPAL.exe that contacts a Russian web site, www.aquarium-fish.ru, to download the Mimail worm. The web site is the same used by Mimail to send completed forms disguised as coming from PayPal, an online payment service.

    Besides displaying the forms asking for financial information, the worm also sends copies of the trojan and its attachment to email addresses it steals from the infected PC.

    To defend against Mmdload and other malicious code, Sophos recommends companies consider blocking all programs at the email gateway. For most businesses, it's rare for employees to receive a legitimate program from the outside via email.

    To catch the latest trojan, however, the gateways would also have to scan incoming zip files for executables.

    "Companies using applications that only scan for executables based on extensions, they won't catch this because it's in a zip file," Belthoff said. "But if you can scan inside a zip file, which more and more people are doing, you should be able to stop this right at the gateway."

    Nevertheless, educating the PC user remains crucial to avoiding infection.

    "End users need to be educated not to respond to these messages," Belthoff said.

  • xjw_b12

    BTTT
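
The gateway check described in the quoted article (looking inside zip attachments instead of judging the attachment by its own extension), sketched as an added example that is not part of the thread, the article or any Sophos product. The extension list, the size and depth limits and the sample archive are assumptions constructed for illustration; the stub bytes are harmless.

```python
import io
import zipfile

# Assumed list of program extensions a gateway would block (not from the article).
EXEC_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")
MAX_DEPTH = 3          # stop recursing into deeply nested archives
MAX_MEMBER = 10 << 20  # do not inflate members declared larger than 10 MiB

def find_executables(data, depth=0, prefix=""):
    """Return (member path, reason) pairs for program-like entries in a zip."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(prefix or "<attachment>", "unreadable zip")]
    hits = []
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            if info.filename.lower().endswith(EXEC_EXTS):
                hits.append((path, "executable extension"))
            elif info.flag_bits & 0x1:  # bit 0 of the flags marks an encrypted member
                hits.append((path, "encrypted member, cannot inspect"))
            elif info.file_size > MAX_MEMBER:
                hits.append((path, "member too large to inspect"))
            else:
                body = zf.read(info)
                if body[:2] == b"MZ":  # DOS/PE header hidden behind another name
                    hits.append((path, "MZ header under non-program name"))
                elif body[:4] == b"PK\x03\x04":  # a zip inside the zip
                    if depth < MAX_DEPTH:
                        hits.extend(find_executables(body, depth + 1, path + "!"))
                    else:
                        hits.append((path, "nesting too deep"))
    return hits

def build_zip(members):
    """Build an in-memory zip from {name: bytes} for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed sample: stub bytes that only carry an MZ signature, not real malware.
STUB = b"MZ" + b"\x00" * 62
SAMPLE = build_zip({"form/PAYPAL.exe": STUB, "readme.txt": b"hello",
                    "photo.jpg": STUB, "inner.zip": build_zip({"a.scr": STUB})})

if __name__ == "__main__":
    for path, reason in find_executables(SAMPLE):
        print(f"BLOCK {path}: {reason}")
```

A filter that only looked at the attachment name would see `.zip` and pass all of these; the content check also flags the renamed `photo.jpg` and the program inside the nested archive.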
