Spoofed PayPal and American Express Notifications Lead to Blackhole Exploit
Publish date: 03 de mayo de 2012
Spammed messages purporting to come from Paypal and American Express Bank are found in the wild. The spoofed Paypal notification claims that the recipient’s payment is already received. On the other hand, the bogus notification from American Express asks the users if they recently made changes to their passwords or asks them to verify their User IDs. These spammed messages contain links that when clicked redirect to a site that loads a JavaScript (detected as JAVA_BLACOLE.RCC). When loaded, this JavaScript points to a site hosting Blackhole Exploit.
Users are advised to be cautious when opening emails even if these came from known sources. Contact the organizations involved directly to verify if the email messages are legitimate.
Fecha/hora de bloqueo del spam: 03 de mayo de 2012 GMT-8
TMASE
- Motor TMASE:6.8
- Patrón TMASE: 8880