The fraudsters invite victims to sign up for a free two-week Web learning program that purports to be run by financial services company Credit Suisse Group to recruit staff, antivirus company Sophos said on Monday. The program offers to help students graduate in basic finance skills.
The catch comes in the second week, when students are asked to transfer some of their money as part of an exercise.
"They lure you with a false sense of security," said Graham Cluley, senior technology consultant at Sophos. "Its intent is to defraud innocent computer users out of their savings. Spam is usually things like Viagra and Rolex watches, but Russian spam tends to be about training courses and business opportunities."
The fraud Web site, which has already been shut down, was hosted on a .de Internet address. The Web site had been bought with a German credit card, which is believed to have been stolen and used by Russians, Cluley said.
"Scammers are getting more sophisticated in the way they attempt to steal money from innocent Internet users," he added. "This campaign involves luring people who may wish to generate an income from home into signing up for a fake training course that may teach them a very expensive lesson."
Last week, research from security company CipherTrust showed that most phishing e-mails are sent from one of five zombie armies of computers, otherwise known as botnets.