14 DAY TRIAL // A new email scam tricks users into opening malicious links by using a fake ShoNBC e-flyer as lure. The rogue links direct victims to a website trying to infect their computers with malware.
The spam has been intercepted by email and Web security provider AppRiver, who notes that the scammers probably copied and modified a legit ShopNBC advertising email. However, all links in the original e-flyer now point to a single website that is in no way related to the online shopping network. The email headers have also been forged to appear as if the message originated from an address on NBC.com's domain.
Clicking on any of the links in the fake emails takes users to a website that attempts to load malicious JavaScript code. This code attempts to exploit vulnerabilities in outdated versions of popular programs installed on the visitors' computer. Successful exploitation leads to a malware installer being dropped and executed on the system.
“It seems as though most people may just delete this as junk mail, but it just may appeal to some people, and others might want to attempt to 'unsubscribe' from this unwanted circular, and in these cases they will instantly transform from being a simple recipient of junk mail to being a victim with an infected computer. One way to have avoided this type of scam would be to hover over the links with your mouse to see where they actually led before clicking on them,” the AppRiver security researchers advise.
These Web exploitation attacks, known as drive-by downloads, represent one of the most common methods of distributing malware on the Internet. In order to protect themselves from such threats, users should keep all of their applications up to date, especially highly popular ones like Adobe Reader, Flash Player or Java Runtime Environment. Most of these exploits are also detected by capable antivirus products.
You can follow the editor on Twitter @lconstantin
