At first, potential victims are greeted with a title in the line of "Million dead in Chinese quake", with the message featuring a link to a .cn site. Following the link, the user ends up a on a page bearing a report on the bogus earthquake.

The report claims that a 9.0 Richter scale earthquake has hit Beijing and made million of victims. Also, the quake has put all preparations for the Beijing Olympic games on hold. Interested parties can click on a link and see additional video details.

Needless to say, the link leads not to video content, but to the Nuwar-E worm.

According to Sophos, this bogus report campaign is lead via a botnet:

"Looking into this campaign, the .cn domains linked by the spam messages are likely part of a botnet. Each query to the nameservers for these domains returns a different IP address, indicating fast-flux behavior. The domains also serve webpages using the same web server seen in a number of botnet campaigns."

Earthquake threats have become quite popular in China nowadays, given the recent events in the Sichuan province. The earthquakes caused around 70,000 casualties back on May 12 and so, every such story is bound to get some attention.