Cybercriminals only need to convince users to click on a link

Nov 9, 2012 21:11 GMT

Some interesting spam has been making the rounds this week. One fake notification, which poses as an iTunes receipt, is cleverly designed to spread a piece of malware by luring users to a website that hosts the BlackHole exploit kit.

The email looks legitimate at first glance. It’s properly written and all the design elements are in the right place.

However, the scammers are most likely relying on the fact that recipients will rush to click on the links once they see that a “postcard” worth $699.99 (545 EUR) has been purchased with their credit card.

GFI Labs experts have investigated these fake iTunes receipts and have found 2 different malicious domains that host the BlackHole exploit kit. Both of them appear to be active.

Users are advised to be careful when receiving such emails, even if they appear to legitimately originate from Apple.