Having the web browser remember passwords and/or logins can be convenient, but it poses some security risks.

The experts from ESET company warn the Internet users about the e-mail messages, presumably sent by the Delta Air Lines, confirming the purchase of air tickets to Washington, DC. In reality it is a clever scam aim at stealing sensitive data (like logins and passwords) stored in a web browser and e-mail programs.

The imprudent recipient of such e-mail, who, without a second thought, decides to open the attached file (or a link), will instantly download an malicious malware designed to look like a proper Microsoft Word document. The malware has a password stealing component, desinge to extract bank, PayPal or other financial details along with the e-mail or FTP (web space) login credentials. Moreover, after compliting its task, the program initializes a built-in self-destruct mechanism. In doing so, the victim may not even know that his or hers device was ever infected.