I don't really understand what is being said below by Mcaffee about this virus. Are they saying that it is not a virus, but somehow McAfee detects the page is fake and alerts the user accordingly? JS/CardStealer This detection is for HTML pages which claim to be a legitimate billing page that the user must enter their credit card and other personal information into. For example the page may masquerade as an AOL or Paypal related page. When the user enters information into the page and submits it, the data is sent to the author of the trojan page (not AOL or PayPal etc). This is often achieved by using remote Formmail scripts to send form data to a specified email address. Before sending your credit card information over web, always check to confirm the address of the web page. Also confirm that the information will be encrypted by checking that the lock icon in the status bar is closed. If the lock icon is on the HTML page instead of the status bar, that can be faked; if it's not on the status bar, it's not secure.