Trend Micro Detects Fresh Spam Outbreak Diverting Internauts onto Malicious Websites
Researchers from Trend Micro the security company are warning of spam mail outbreaks apparently, without any definite time of stopping that aiming attack on unwitting Internet-users, take them onto malware-hosting online sites.
The newest spam campaigns as also the highly prominent ones in circulation involve fake notification e-mails from LinkedIn, Facebook, US Airways, and the United States Postal Service. One campaign has been spotted that even pretends to be an e-mail that CareerBuilder.com an employment site distributed to Internauts, the security experts outline.
This e-mail, displaying the header "New position found for at CareerBuilder.com," tells that the writer is an employee at CareerBuilder's customer service who's aware of a job opportunity at Security Finance Corporation, which the reader may find interesting. However, the opening can be availed depending on the person's resume details alternatively any latest application he may've posted to CareerBuilder.com. The CareerBuilder website can be accessed from the given link, the e-mail states.
Eventually, the e-mail signs off from the Chief Financial Officer whose name and signature both appear within a hyperlink.
Typically, this hyperlink when hit, leads users via several redirects to ultimately settle them on one hijacked website thrusting the Blackhole toolkit for attack-codes.
When Trend Micro researchers analyzed the above spam mails, they found them mainly hitting the US Internauts' inboxes while frequently getting spoofed to look like the companies' real, lawful e-mails.
Meanwhile, according to Software Architecture Director Jon Oliver at Trend Micros, there's direct evidence of the LinkedIn, Facebook and the other spam assaults having an inter-connection. Often, several spam outbreaks utilize the identical hijacked URLs, suggesting that a few of the perpetrators of the assaults at least are the same people, he continues. Blog.trendmicro.com published this dated April 30, 2012.
Oliver then adds that the e-mail attacks actually aim for the same goal i.e. using the toolkit to get the ZeuS Trojan installed onto the target end-users' PCs.
Finally, Trend Micro states that the above type of infections can be avoided if computer operators ensure they've updated their anti-virus signatures as well as deployed the most recent security patches onto their machines.
Related article: Trend Micro Detects Spam Mail Declaring World War III
» SPAMfighter News - 10-05-2012