Spoofed PayPal and American Express Notifications Lead to Blackhole Exploit
Data de publicação: 03 maio 2012
Spammed messages purporting to come from Paypal and American Express Bank are found in the wild. The spoofed Paypal notification claims that the recipient’s payment is already received. On the other hand, the bogus notification from American Express asks the users if they recently made changes to their passwords or asks them to verify their User IDs. These spammed messages contain links that when clicked redirect to a site that loads a JavaScript (detected as JAVA_BLACOLE.RCC). When loaded, this JavaScript points to a site hosting Blackhole Exploit.
Users are advised to be cautious when opening emails even if these came from known sources. Contact the organizations involved directly to verify if the email messages are legitimate.
Data/Hora do bloqueio de spam: 03 maio 2012 GMT-8
TMASE
- Versão do mecan
- Patrón TMASE: 8880