URLSpoof is code written in the HTML language, which is included in the body of a message or of a web page in order to exploit a vulnerability in the browser Internet Explorer.
This vulnerability allows to craft a web link in such a way that, if it is clicked, Internet Explorer displays a web address in the Address bar, but accesses a different one. Moreover, if the user hovers the mouse pointer over the crafted hyperlink, the Status bar in Internet Explorer displays the legitimate web address, making the user believe that it would be the web page accessed if the link is clicked.
URLSpoof can be massively sent via email in messages with HTML format, or it can be hosted in web pages. These messages or web pages contain hyperlinks that would supposedly access websites that handle critical information, such as electronic banking sites.
In fact, the website displayed on the browser is a fraudulent copy, and third parties could access and use the confidential information entered by the affected user.
If your computer has Internet Explorer v5.01 or later, it is highly recommendable to download the security patch from Microsoft's website. Access the web page for downloading the patch.