Fake Email Trick aims to Redirect Users to Malicious websites

Spam

Several spamming messages have been observed by Trend Micro Lab that are targeting social network users, we used in the traditional spam message to find advertising content directly on the email but the reported cases seems to be slightly different as scammers are hosting the advertising content on hacked website under their control, If the victim click on the link he will be directly visiting these malicious websites.

LinkedIn, foursquare, MySpace, and Pinterest are the reported cases and here cybercriminal are using an identic notification to what social network is sending with logos and words that makes any person read the message and click on contained links.

The first two fake messages are belonging to foursquare one alerting that users have received new message and the second for confirming friend’s notification, here as a reaction the person will click the link to insert his login credential and read the message. The email is very well done and seems to be from the legitimate source.

Same way is conducted for LinkedIn and MySpace where attackers are trying to redirect users to fake website “wiki Pharmacy”.  And last message is for Pinterest where the email notification claimed online article on weight-loss but actually it contain a malicious attack.

So as you can see if you have a good Mail security solution you will not be able to filter these messages as they are identic to what you are receiving from social network websites and you may be exposed for a similar types of attack.

As a security measure verify email senders and if they are suspicious delete the message directly, if you receive any link open your browser and insert the URL manually, if the link looks suspicious than try to check it on search engines to have a full information about it, Finally be sure to never send your sensitive information even if they are requested by any part over your email.

Source: TrendMicro

Share