American Express Cancelled Transaction Emails Lead to BlackHole Exploit Kit

Victims end up with the Cridex malware on their computers

In its October 2012 VIPRE Report, GFI Software warned that many recent spam campaigns have relied on the BlackHole exploit kit to spread malware onto the computers of unsuspecting users.


A perfect example is the American Express spam that has been making the rounds over the past few days.

Entitled “American Express Notification: Your Operation is Terminated,” the fake notifications attempt to trick recipients into clicking on a shady link.

“Your American Express Card account transaction cancelled 11/13/2012 with amount of 8,368.98 $,” the emails read.

The link contained in them points to a malicious website that hosts BlackHole. The exploit kit scans the computers of users who visit the site, looking for a security hole through which it can push a piece of malware.

According to experts, in this particular case, the Cridex malware is the one being served.

Users are advised to be on the lookout for such emails.
