Fake HP, BBB and Federal Reserve Bank Emails Lure Users to BlackHole Exploit Kit

Cybercriminals have been on vacation between December 30 and January 7

  Bogus BBB email
Now that the holidays are over, cybercriminals have resumed their malicious operations. Experts advise users to be on the lookout for fake emails apparently coming from HP, the Better Business Bureau (BBB) or Federal Reserve Bank.

Now that the holidays are over, cybercriminals have resumed their malicious operations. Experts advise users to be on the lookout for fake emails apparently coming from HP, the Better Business Bureau (BBB) or Federal Reserve Bank.

Trend Micro researchers say that they didn’t detect any BlackHole Exploit Kit spam runs between December 30 and January 7, but now the campaigns have been picked up.

As usual, the bogus notifications attempt to trick recipients into clicking on links that point to sites which host BlackHole. The exploit kit probes the user’s computer for unpatched software and utilizes the vulnerabilities it finds to push malware.

Some of the malicious notifications that can be seen landing in inboxes these days are simple, while others are most complex.

However, whichever the case may be, they all deploy clever social engineering tricks to convince potential victims to click on links or open the attached files they carry.

Comments