Websense experts analyze the spam emails and the final payload
Beware! Cybercriminals are trying to trick you into installing an information-stealing malware with the aid of bogus news notifications that appear to come from Fox News.The malicious emails are entitled something like this:
- U.S. Military Action in Syria - is it WW3 start?
- US deploys 19,000 troops in Syria
- Obama Sending US Forces to Syria
According to Websense, the fake Fox News messages appear to contain links to various news articles and videos related to US military action in Syria, but also to some posts about teen mom Farrah Abraham and the model Kate Upton.
Users who click on the links are not taken to the Fox News website, but to one of the many legitimate websites that have been compromised by the cybercriminals.
These websites are designed to redirect users to other sites that host the notorious BlackHole exploit kit. The exploit kit abuses vulnerabilities in the victim’s system to push a malware of the Cridex family.
These threats are used to steal banking credentials and other sensitive information from the infected computers.
Over 60,000 samples have already been blocked by Websense, so beware of such emails.