Posts Tagged: security


Spamvertised ‘Federal Tax Payment Rejected’ themed emails lead to Black Hole exploit kit

by

Remember the IRS (Internal Revenue Service) themed malicious campaign profiled at Webroot’s Threat Blog earlier this month? Over the past 24 hours, the cybercriminals behind the campaign resumed mass mailing of the same IRS email template, exposing millions of users to the threats posed by the social engineering driven campaign. More details:

Continue Reading »

Cybercriminals spamvertise bogus greeting cards, serve exploits and malware

by

Think you’ve received an online greeting card from 123greetings.com? Think twice! Over the past couple of days, cybercriminals have spamvertised millions of emails impersonating the popular e-card service 123greetings.com in an attempt to trick end and corporate users into clicking on client-side exploits and malware serving links, courtesy of the Black Hole web malware exploitation kit. What’s so special about this campaign? Can we connect it to previously spamvertised campaigns profiled at Webroot’s Threat Blog? Let’s find out. More details:

Continue Reading »

IRS themed spam campaign leads to Black Hole exploit kit

by

Recently, cybercriminals launched yet another massive spam campaign, this time impersonating the Internal Revenue Service (IRS) in an attempt to trick tax payers into clicking on a link pointing to a bogus Microsoft Word Document. Once the user clicks on it, they are redirected to a Black Hole exploit kit landing URL, where they’re exposed to the client-side exploits served by the kit. More details:

Continue Reading »

Cybercriminals impersonate AT&T’s Billing Service, serve exploits and malware

by

Cybercriminals have launched yet another massive spam campaign, this time impersonating AT&T’s Billing Center, in an attempt to trick end and corporate users into downloading a bogus Online Bill. Once gullible and socially engineered users click on any of the links found in the malicious emails, they’re automatically redirected to a Black Hole exploit kit landing URL, where they’re exposed to client-side exploits, which ultimately drop a piece of malicious software on the affected hosts. More details:

Continue Reading »

Millions of spamvertised emails lead to W32/Casonline

by

Thanks to a mature monetization model introduced by vendors of bogus online gambling software, cybercriminals continue mass mailing millions of emails in an attempt to earn revenue for each and every new installation of the promoted software. In this post, I’ll profile several prolific spam campaigns attempting to trick users into visiting a bogus web site, and downloading a copy of the potentially unwanted application (PUA) most commonly known as W32/Casonline. More details:

Continue Reading »

Ongoing spam campaign impersonates LinkedIn, serves exploits and malware

by

Remember the LinkedIn exploits and malware serving campaigns which I profiled in March, and May? Over the past 24 hours, cybercriminals launched the most recent spam campaign impersonating LinkedIn, in an attempt to trick LinkedIn’s users into clicking on the client-side exploits and malware serving links found in the emails. More details:

Continue Reading »

Spamvertised ‘PayPal has sent you a bank transfer’ themed emails lead to Black Hole exploit kit

by

Sticking to their well proven social engineering tactics consisting of systematic rotation of the abused brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick end and corporate users into interacting with the malicious campaign. Once the interaction takes place, users are exposed to the client-side exploits served by the Black Hole exploit kit, currently the market share leader within the cybercrime ecosystem. More details:

Continue Reading »

Spamvertised ‘Your Ebay funds are cleared’ themed emails lead to Black Hole exploit kit

by

Cybercriminals are currently mass mailing millions of emails impersonating eBay and PayPal in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on any of them, user are exposed to the client-side exploits served by the Black Hole exploit kit. More details:

Continue Reading »

Russian spammers release Skype spamming tool

by

Taking advantage of DIY spamming tools and harvested databases of user names, cybercriminals have been systematically abusing multiple instant messaging services in an attempt to trick as many users as possible into interacting with their malicious campaign. In this post, I’ll profile a newly released DIY Skype spamming tool, discuss its main features, and whether or not it can lead to an increase in the overall spam levels affecting Microsoft’s Skype. More details:

Continue Reading »