14 DAY TRIAL // On Tuesday, we learned that bogus CNN emails were making the rounds, attempting to convince recipients to click on links that pointed to malicious websites. The spam campaign is still going strong, but the crooks have made some minor modifications to it.
Sophos experts report that the more recent versions of the emails used in this attack don’t pretend to come from CNN. Instead, they purport to originate from the BBC.
In addition, the newer emails don’t contain bogus news about Pope Francis, but about the current economic situation in Cyprus.
On the other hand, the links from the emails still point to BlackHole exploit kit websites that serve malware. The malicious elements from the attack are identified by Sophos as Troj/PDFJS-ADE, Troj/PDFEx-GD and Troj/SwfExp-BN.
Take a look at some of the subject lines of these emails:
- BBC-Email: Bank of America happy of Cyprus Central Bank Warns of Capital Flight - BBC-Email: Cyprus 'Bank Raid' by Euro Banks - BBC-Email: Cyprus banks shut extended to Monday - BBC-Email: Cyprus can amend bailout terms - BBC-Email: Cyprus effect on stocks likely long-term - BBC-Email: Cyprus rises tax value and confirmed one time withdrawal! - BBC-Email: EU wants rise of Cyprus bank levy - BBC-Email: US banks hurt by Cyprus news