The Register® — Biting the hand that feeds IT

Comments on: Phony BBB email dupes more than 1,400 execs

Why don't they attack congress(wo)men like this... 

Posted Wednesday 30th May 2007 01:00 GMT

Maybe if our (USA) lawmakers get attacked and nasty details are published, it MIGHT (sometimes I doubt it though!) get some action. Unfortunately most lawmakers don't directly read their email as it is probably all printed out for them.

For those in the UK, s/congressman/MP/ .

Of course, a good secondary target might be executives at the Direct Mail Marketing Association.

In the meantime, we can only hope that someone will "get a clue".

Something Fishy 

Posted Wednesday 30th May 2007 03:51 GMT

Just how did reverse engineering the browser's helper object let Joe Stewart know that 1400 execs had taken the bait?

And why am I now reluctant to click on his company's link?

Nice to see... 

Posted Wednesday 30th May 2007 07:59 GMT

that browser helper objects are still loaded by default. The functionality can be disabled. During my time in the internet security field, I came up with a proof of concept which showed exactly how a BHO might do this exact thing. Kind of strange to see it popping up in the wild some 6 years later. We informed MS at the time that it was a massive security risk. Especially given the rapid popularity online banking was gaining. Everything changes, but of course, nothing changes.

You'd have thought they'd known by now 

Posted Wednesday 30th May 2007 08:34 GMT

Yet another ruse that targets IE.

One wonders how M$ can carry on so much about 'security' when their browser continues to be as secure as a wet paper bag.

When will the corporates grow up?

"something fishy" can you read? 

Posted Wednesday 30th May 2007 09:17 GMT

Reverse engineering led to finding a website, finding this website led to the discovery of data for 1400 execs. So what's fishy about that?

Congress critters? 

Posted Wednesday 30th May 2007 17:09 GMT

Why target our lawmakers (Congress, MPs, etc)? They were looking for information of value, not the stuff that goes into laws. That's useless, even more so once it gets published.

Now lobbyists. I'd pay for that information.

Catch and Release ? 

Posted Thursday 31st May 2007 01:19 GMT

Let's see ... I'll develop an effective hook, hand-craft at least 1400 emails and after all my trouble I'll "store" my precious catch in a public place.