Analysis by: Michael Angelo Casayuran

Black Hole exploit kit spammers are turning to Friendster users as discovered in a spam campaign. The spammed message disguises itself as a Friendster reminder about the recipient's account password. The email's From field is spoofed and the links in the message body redirect to a site hosting a Black Hole exploit kit. The spammed message may look like a legitimate notification from Friendster, which may prompt Friendster users to click on the links.

When users click on the link, they are also shown the following:

For updates on social networking accounts, users are highly encouraged to visit social networking sites directly instead of clicking links in an email.

 SPAM BLOCKING DATE / TIME: June 25, 2012 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:8996