New wave of Phony Amazon Confirmation Email Leads Malware

Phony malware-ridden Amazon.com order confirmation email are presently hitting inboxes and trying to con the internet users, according to security experts at security firm GFI Software.

The email looks quiet genuine, but the only thing observed that it gives away at first glance is the truth that many email are contained in the "To:" field and the email is personalized for the first recipient.

The users reach a HTML page that are hosted on various genuine but compromised word press domains when clicked on all those links in the email body except the linked email address, GFI's security expert, Jovi Umawing bewares, and add that the links are most likely to be modify from time to time, as published by HELPNET SECURITY on June 12, 2012.

As, all those links leads the users to a page where they supposedly have to pass the time for the information about the 'ordered' book to load in the meantime , some JavaScript code loads an iframe that leads to other page where the Black hole exploit kit was hosted.

While it's clear that the usual users should be cautious when obtained such emails, there are some measures that should be adopted by the hijacked site so that they could stop the cybercriminal operations.

Website owners, particularly the owner of word press are advised to periodically update their plug-in and themes. Also, be sure that the password is not so easy to be guessed by anyone and they should be regularly checking their website logs for any difference related to access and traffic.

Disturbingly, malware campaigns like these highlighted the truth that Black hole exploit kit in email campaigns is surging, commented by security expert of security firm. According to the comments which are backed by data released by AVG security firm, Black hole toolkit was the toolkit of choice for cybercriminals in Q1-2012, with its (AVG) research displaying that 70% of attacks were performed by variants of Black hole on average.

Also it is not the first time the Black hole is being used in malicious campaign. In June 2012 first week, a big wave of email supposedly to be craigslist notifications but containing links to website hosting the Black hole exploit kit hit the internet and was discovered by web sense.

Related article: New Zealand Releases Code To Reduce Spam

ยป SPAMfighter News - 19-06-2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next