14 DAY TRIAL // Earlier today we reported that cybercriminals were sending out fake Craigslist notification emails, trying to lure unsuspecting internauts to websites that hosted the Blackhole exploit kit in an attempt to spread malware. As it turns out, the same group has also been sending phony Xanga emails.
Websense researchers, the ones that identified the Craigslist campaign, report that 140,000 emails have been detected by their Cloud Email Security portal.
Customers of the popular blogging community should take a close look at the notifications before clicking on the links they carry, otherwise they could find themselves being redirected to a Russian or Ukrainian domain that hosts the exploit kit.
The emails, apparently coming from [email protected], are well designed and could easily fool recipients into thinking that they’re legitimate. However, a closer look at the link clearly shows that the “1000sovetov.kiev.ua” has nothing to do with Xanga.
As always, we advise users to rely on an updated antivirus, up-to-date software components, and a lot of common sense to keep themselves out of trouble.