![Trend Micro Security](https://www.trendmicro.com/content/dam/trendmicro/global/en/global/logo/logo-desktop.png)
Blackhole Exploit Kit Spam Run Use Internal Revenue Service
2012年8月21日
![](https://documents.trendmicro.com/images/bhek_irs2.jpg)
This spam run uses the Internal Revenue Service (IRS) as the purported sender of the email notification. The email contains a link to a .DOC file showing a rejected payment to the IRS supposedly made by the recipient. Clicking the link to the supposed .DOC file brings the user to the following page:
![](https://documents.trendmicro.com/images/bhek_irs1.jpg)
The said page hosts a malicious JavaScript that points to a blackhole exploit kit server. A .JAR file is executed to download other malicious files onto the user's computer.
Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.
スパムブロック日時 : 2012年8月21日 1:00:00 GMT-8
TMASE
- TMASEエンジン:7.0
- TMASEパターンバージョン:9126