You are here

Home:Blogs:Malicious Notification Spam: Account Verification
X-Labs
June 22, 2010

Malicious Notification Spam: Account Verification

Shiyu Bai
Cyber Attack Email Security Spam

Websense Security Labs™ ThreatSeeker™ Network has detected a malicious spam outbreak with the Subject line "Account Verification". As of June 22, we have counted more than 100,000 of these messages. The attack message is disguised as coming from Digg.com. It asks the recipient to verify their Digg.com account. Clicking the "Password  change" link in the email body redirects the user to malicious websites (see the screenshot below).

 

Malicous email body screenshot : 

 

The malicious payload :

 

There are two malicious links in the payload. The first link redirects the user to a site that prompts the user to download a Trojan file (29% detection). The second link (in an iframe) redirects the user to a site laden with exploits.

 

Websense Messaging and Websense Web Security customers are protected against these attacks.

SB

Shiyu Bai

Read more articles by Shiyu Bai

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.
Learn more about Forcepoint