I'm not sure about the danger of the iframes... Anyway, this is a way of infection...
Technical,
kindly read this page JS.Flea.B
Thanks mina. For this kind of virus is what 'Heuristic' module is added to avast! Your link says:
JS.Flea.B
Alias: JS.Flea.b (Kaspersky),
JS/Fortnight.gen (McAfee),
JScript/FortNight.116.Trojan
Category: Java Script
Type: Trojan
Published Date: 11/30/2003
Last Modified: 12/1/2003
CHARACTERISTICS
JS.Flea.B is a worm, which spreads through a hidden link at the bottom of HTML e-mail messages created with Outlook Express.
Method of Distribution
Via Email/Website/Exploit
The link appears in an HTML IFRAME tag, and points to a particular file:
http://nc.com.tw:312*************/l.htm. At present, the link resolves to another file located on a pornographic site hosted on the terra.es domain. This file contains the worm code (encrypted Java Script), which in turn tries to load and execute the applet called "aa.class". Currently "aa.class" is no longer available
So, if the user can stay with the Heuristic module, he/she will be safer...
Anywary, deleting the email before downloading it is safe too...