Heartbleed vulnerability is one of the latest hot topics that are constantly updated on the infosec media. TrendMicro is alerting about a spam message that is using heartbled with a suspicious link claiming to be a CNN report related to the openssl vulnerability.
The message includes the following:
I just want to let you know that there is a big security concern now in the internet. The internet bug called Heartbleed Bug, was recently discovered by experts. So if were you , you need to change your internet passwords specially your banking passwords. Check for this report in CNN.
>>>Report from CNN
Screenshot for the spam message by TrendMicro
The included link is leading to a URL that is not working or inaccessible for the security researchers which prevents from having the full scenario of the attack and analyze it further. Usually cybercriminals will host some malicious code on the webpage to infect and spread their malware. The source of spam message seems to be for an attacker named ‘Dexter’. If you receive a similar message make sure to not click on the links and add it to your Junk folder so your security solution prevent it from reaching your inbox in the future.