How do all these things start? Well, mistreated users open their inboxes and find a message in with a HTML attachment. Some messages warn probable victims that dangerous files had been noticed. They can sight results of the virus scan (of course a fake one) in the HTML attachment.
You can also receive a message with the subject line "FIFA World Cup South Africa...bad news". The message itself is very short: "FIFA World Cup disgrace news, read attached document". The attachment in this case is also the .html file that, upon implementation, leads to a malicious website. Websense has already noticed more than 80,000 email messages belonging to this malicious spam campaign.