Users were lured to malicious websites with all sorts of spam messages
October should be named the month of the BlackHole exploit kit. At least that’s the conclusion that can be drawn after seeing GFI’s October 2012 VIPRE Report.Cybercriminals attempted to trick users into visiting BlackHole websites by luring them with Facebook verification emails, Skype voicemail notifications and even Windows licenses.
“The Blackhole exploit kit is one of the biggest dangers that internet users face because it is the chameleon of internet threats. It simplifies the process of creating cybercrime campaigns and is easily adapted to take advantage of the buzz surrounding major news events and popular brands,” Christopher Boyd, senior threat researcher at GFI Software, said.
On the other hand, the expert highlights the fact that such attacks are relatively easy to avoid as long as users follow best security practices.
That’s because, in order for the BlackHole exploit kit to perform its job, victims must be convinced to click on a link. Then, the threat looks for unpatched software in order to push pieces of malware.
So, if users refrain from clicking on links from untrusted sources, keep their software updated at all times, and keep an up-to-date antivirus running in the background, they should have nothing to worry about.