Fake Tor application delivers badware punch

From StopBadware.org...

You may have received an email over the past few days with a message about online privacy – a common subject line being “You are being watched online.” The messages urge the reader to download Tor, a distributed anonymity program popular as a tool to circumvent censorship. Unfortunately, the links in these messages don’t lead to the actual Tor download, but to a dangerous rogue application and pages that attempt to install badware on the user’s machine.

The real Tor website is located at tor.eff.org, and the real Tor software can be downloaded there. Legitimate copies of Tor are verifiable through instructions on the Tor website.

Rogue applications attempting to hijack the popularity of legitimate programs are unfortunately all too common. For example, many rogue applications purport to be anti-spyware tools but are in fact themselves damaging. It’s always a good idea to check out the reputation of any software you’re considering installing, and to verify that the version you’re considering comes from a reputable source. Similarly, be wary when following links in emails from sources you don’t know. An unsolicited link could lead to a page hosting drive-by badware downloads.

You can read more about the Tor spoof in BoingBoing and PC World.