New, more insidious phishing scam is triggered when unsuspecting users open an E-mail —Phishing Scam InformationWeek

Traditional phishing messages rely on persuading you to go to a Web site and enter personal information. The latest form of this attack doesn't require you to respond to the phishing e-mail at all - all you have to do is open it. When you do, it runs a script that rewrites the host files on your computer so that the next time you try to go to your online banking site, you get redirected to a fraudulent Web site that collects your logon information.

You can thwart this by disabling the Windows Script Host [WSH] by the following steps:

WSH is installed by default in Windows XP. Disabling it will prevent .vbs files from running. Here's how:

1. Log on with an administrative account.
2. Right click My Computer and select Open from the context menu.
3. Click Tools and then click Folder Options.
4. Click the File Types tab.
5. In the list of registered file types, scroll down to find VBScript Script File and highlight it.
6. Click the Delete button.
7. Click Yes when asked to confirm that you want to remove it.
8. Click OK to close the dialog box.