Malicious Twitter Confirmation Emails Lead to Exploit Kit

The fake notifications appear to originate from a "" email address

Cybercriminals most often rely on forged emails to spread their pieces of malware, creating fake messages that purport to come from a well-known company. This time, we’ll take a look at shady notifications that claim to originate from Twitter.

GFI researchers present such an email that urges recipients to confirm their Twitter accounts.

“Please confirm your Twitter account by clicking this link: Please click here. Once you confirm, you will have full access to Twitter and all future notifications will be sent to this email address,” reads part of the message.

At first glance, the email may look legitimate, especially since it appears to come from an email address that ends with “”. However, all the links it contains actually lead to a compromised website hosted on the ZENPhoto blog platform.

From here, victims are redirected to a Russian website that hosts the infamous Blackhole exploit kit, which attempts to leverage known vulnerabilities in order to push malware.

Twitter users are advised to be on the lookout for such emails in order to protect their devices from getting infected with malicious elements.

Hot right now  ·  Latest news