• Search Blog Archives

  • Recent Posts

  • Archives

  • Categories

  • Websense

  • Security Sites

Follow us: 
Like us on Facebook Follow us on Twitter Visit us on YouTube Get Websense Security Labs alerts delivered to your inbox Follow us on LinkedIn

Malicious Notification Spam: Account Verification
Posted: 22 Jun 2010 03:38 AM

Websense Security Labs™ ThreatSeeker™ Network has detected a malicious spam outbreak with the Subject line "Account Verification". As of June 22, we have counted more than 100,000 of these messages. The attack message is disguised as coming from Digg.com. It asks the recipient to verify their Digg.com account. Clicking the "Password  change" link in the email body redirects the user to malicious websites (see the screenshot below).

 

Malicous email body screenshot :

 

 

 

The malicious payload :

 

 

There are two malicious links in the payload. The first link redirects the user to a site that prompts the user to download a Trojan file (29% detection). The second link (in an iframe) redirects the user to a site laden with exploits.

 

Websense Messaging and Websense Web Security customers are protected against these attacks.

Filed under: , ,

Shiyu Bai

no comments

Leave a Comment

(required) 

Email address: (required) 
 
  
 


©2012 Websense, Inc. All Rights Reserved.