Like any good business, the Storm is diversifying. This time, it's going into the lucrative phishing industry. As if it hasn't done enough damage, security researchers now suspect that portions of the destructive botnet are being rented out to phishers. Lovely.

Of course the advantage is that phishers will have the ability to target even more victims in exponentially less time -- the fast flux botnet is elusive, highly complex and very resistant to takedown or detection. Indeed, a winning combination. "The people who are pulling the strings, they basically went out and did another social engineering run," said Paul Ferguson, network architect for Trend Micro. "It's a game of numbers. Two people out of 10, or two out of 100 for that matter, and it might make it worth their while."

In the multi-faceted attack, users will see an e-mail with a catchy subject line, enticing them to open a message that will typically contain just a few words and a link. Once clicked, the malicious URL will then lead users to a compromised Web site, complete with keystroke logger Trojans, viruses or other forms of malware.