In a drive-by download attack, scammers are luring web-surfing victims to a malware site with a bogus ShopNBC e-flyer (picture at left).  “Clicking on any of the links in the fake emails takes users to a website that attempts to load malicious JavaScript code. This code attempts to exploit vulnerabilities in outdated versions of popular programs installed on the visitors’ computers. Successful exploitation leads to a malware installer being dropped and executed on the system.”  One way to avoid the scam is to hover over the links in the e-flyer with your mouse to see where they actually lead before clicking on them.  Softpedia News Jul. 13, 2010