The latest versions of the MyTob worm are based on an e-mail phishing system that tries to trick users into downloading malicious code from certain websites.

Wednesday night, security experts warned that the authors of these new variants have "borrowed" some tricks from phishers to increase the effectiveness of their attacks.

So far, MyTob has spread only through files attached to e-mails. Once it is downloaded, the worm installs a backdoor and uses its own SMTP engine to broadcast all the contacts from the victim's system. The number of MyTob versions rated as extremely dangerous has reached 14.

This last version is concealed in an e-mail that looks it has been sent from the IT department of the ISP and contains an address to website where he has to confirm the validity of the account and type in some personal information. To make the message more credible, the text includes references to the user's domain name and to his email.