Just like earthquakes, tsunamis and Justin Bieber screw ups, the birth of a royal baby in London in the UK provides spammers with a good hook to land their social engineering or malware on unsuspecting victims’ PCs.
The AVG Web Threats Research Group found this one this morning. It’s a fake “live update” gimmick:
You can see the link highlighted below:
Clicking the link redirects potential victims to a page loaded up with Blackhole exploit kit code:
AVG products were ready and blocking that Blackhole variant even before the royal labor started:
The second spoofs an email from CNN and purports to offer a link to a video of the new arrival. It also loads Blackhole Exploit Kit.
How do users avoid malcode infections from spam email?
- Be aware that spammers who send non-malicious and malicious spam take advantage of timely news events in subject lines to grab attention.
- Do not click on links in spam email. EVER. Period.
- Be cautious about clicking on links in email messages sent to you by friends or businesses you know as well. Spammers spoof the origins of their email messages. Also, we still have malicious code out there that can infect a PC and spread by emailing malicious spam to every address in the victim’s address book.
- Run an anti-malware application such as AVG LinkScanner that scans all links on Web pages or in emails and protects you from a malcode infection (like Blackhole) that will turn out to be a royal pain in the butt.
Leave a reply