Blackhole Exploit Kit Spam Run Using Wells Fargo
Publish Date: 09 septembre 2012
![](https://documents.trendmicro.com/images/Wellsfargo1.gif)
Spammers use an email notification supposedly from Wells Fargo, making it appear that the notification is indeed from the said company. The message intends to lure users into clicking a malicious link found in the email message. Once the URL is clicked, it redirects to a site hosting a malicious JavaScript. The redirect page is pictured below:
![](http://www.trendmicro.com/vinfo/images/Wellsfargo2.gif)
While users wait for the website to load, the running script redirects to a blackhole exploit kit server. An exploit code starts to execute to deliver a .JAR file, which then downloads other malicious files on the affected computer.
Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.
Spam Blocking Date/Time: : 09 septembre 2012 GMT-8
TMASE
- TMASE Engine: :
- Patrón TMASE: atures du moteur TMASE: :9174