Malicious Japan quake spam leads to scareware

M86 Security and Kaspersky Lab are reporting on a currently ongoing Japan quake themed spam campaign which leads to scareware and client-side exploits.

M86 Security and Kaspersky Lab are reporting on a currently ongoing Japan quake themed spam campaign which leads to scareware and client-side exploits. Spammed using the Cutwail/Pushdo botnet, the campaign is using an event-based social engineering theme in order to trick users into clicking on the malicious links.

Upon clicking on the link the user is exposed to client-side vulnerabilities, ultimately dropping a scareware variant.

Millions of users continuing to clicking on links in spam emails.

Meanwhile, users are advised to browse the Web in a sandboxed environment, using least privilege accounts, NoScript for Firefox, and ensuring that they are free of client-side exploitable flaws.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All