Mimail-P promises prize, steals information

Meet the new Mimail worm, same as the old Mimail worm — sort of.

The 14th variant of the Mimail worm surfaced Wednesday afternoon, and this one carries much of the same poison as previous variants. Namely, it phishes for sensitive user information, like credit card and Social Security numbers. The new variant also uses a phony PayPal data entry form.

This one, however, doesn’t try to scare PayPal customers into forking over their information. Instead, Mimail-P promises a prize for the New Year — the addition of 10% to a customer’s PayPal account….

Mimail-P is attached to an e-mail with the subject line “Great New Year Offer from PayPal.com.” The worm is packed in a .zip file called pp-app.zip, and it is spreading on Windows machines, via a self-contained SMTP mailing engine, to e-mail addresses found on the victim’s hard drive.”