IT Security Blog

21 September 2009

Want to Play Monopoly? Spammers Don't Play Fair!

REMINDER: Over the next several weeks I will be transitioning the MX Logic IT Security Blog over to the McAfee Avert Labs blog.  Please continue to follow me there. 


In the latest social engineering tactic targeting people who like to play games online, a new spam campaign has emerged that attempts to lure users into downloading a Monopoly game, a download that is more like a game of Russian Roulette. The email arrives as a seemingly innocuous invite from a random user (usually your first clue that this is something to avoid!) with an inviting subject line like "Play Online Together" or "Tom has invited you to play Monopoly".




If the recipient follows the link to the monopoly2009.com web site, they are greeted with a fairly well-done web page advertising the Monopoly "game". After giving a brief history of the game and some fun facts, the page encourages the user to download it through several links dispersed throughout the page.




No code is injected on the user's computer just by visiting the web page. The user needs to download and install the monopoly.exe executable file that the site tries to deliver. The executable file is just the first stage of the process, however. A fairly common tactic among hackers is for the code installed by the web site download to be only the beginning. Once the trojan is active on your computer, it goes out to another computer behind the scenes and downloads the second stage of the malware, the piece that turns your machine into a spam-sending zombie touting Canadian Pharmacy products.
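The staged chain described above (executable download from the site, a second executable fetched from a different computer, then spam sending) leaves a recognizable sequence in network logs. The following Python correlation is an added example, not part of the original post. The log format, the `second-stage.example` and `vendor.example` hosts, the mail relay address and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample events, not from the original post: "<epoch> <client> <event> <target>"
SAMPLE_LOG = """\
1000 10.0.0.5 HTTP_GET http://monopoly2009.com/monopoly.exe
1045 10.0.0.5 HTTP_GET http://second-stage.example/load.exe
1200 10.0.0.5 SMTP_OUT 203.0.113.10
1201 10.0.0.5 SMTP_OUT 203.0.113.11
1202 10.0.0.5 SMTP_OUT 198.51.100.7
1000 10.0.0.8 HTTP_GET http://vendor.example/setup.exe
1300 10.0.0.8 SMTP_OUT 10.0.0.25
2000 10.0.0.9 HTTP_GET http://vendor.example/tool.exe
2050 10.0.0.9 HTTP_GET http://vendor.example/patch.exe
"""
MAIL_RELAY = {"10.0.0.25"}  # assumed: the only host clients may send SMTP to
WINDOW = 600                # assumed: max seconds between steps of the chain
MIN_SMTP_DESTS = 3          # assumed: distinct non-relay SMTP destinations to alert on

def parse(log):
    """Group well-formed events by client, each list sorted by time."""
    events = defaultdict(list)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0].isdigit():
            events[parts[1]].append((int(parts[0]), parts[2], parts[3]))
    return {c: sorted(evs) for c, evs in events.items()}

def exe_host(kind, target):
    """Hostname serving a .exe over HTTP, or None for any other event."""
    if kind != "HTTP_GET":
        return None
    url = urlparse(target)
    return url.hostname if url.path.lower().endswith(".exe") else None

def find_staged_infections(log):
    """Flag clients showing: .exe download, second .exe from another host, then direct SMTP."""
    flagged = {}
    for client, evs in parse(log).items():
        exes = [(t, exe_host(k, x)) for t, k, x in evs if exe_host(k, x)]
        for i, (t1, h1) in enumerate(exes):
            for t2, h2 in exes[i + 1:]:
                if h2 == h1 or t2 - t1 > WINDOW:
                    continue  # same site, or too far apart to be one chain
                dests = {x for t, k, x in evs if k == "SMTP_OUT"
                         and t2 <= t <= t2 + WINDOW and x not in MAIL_RELAY}
                if len(dests) >= MIN_SMTP_DESTS:
                    flagged[client] = {"stage1": h1, "stage2": h2, "smtp_dests": len(dests)}
    return flagged
```

On the constructed log, only 10.0.0.5 is flagged: 10.0.0.8 sends mail through the relay, and 10.0.0.9 fetches both executables from the same host and sends no mail.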

As the icing on the cake, the folks who created the page also included a hit counter at the bottom to lead you to believe that there are people playing the game online right now.  Don't be fooled.  This is merely a counter of how many people have visited the page thus far.


Posted by smasiello at 2:27 PM