Upon clicking on the links, users are exposed to the client-side exploits served by the most popular Web malware exploitation kit currently in use by cybercriminals - the BlackHole exploit kit.
The campaign ultimately drops the following MD5: 4f58895af2b8f89bd90092f08fcbd54f currently detected by 17 out of 42 antivirus vendors.
Who's behind this campaign? Over the past couple of months, a single cybercriminal, or a gang of cybercriminals have been systematically rotating the impersonation of multiple companies in an attempt to trick end users into clicking on their exploits-serving links.
End and corporate users are advised to ensure that they're running the latest versions of their third-party software, and browser plugins in an attempt to avoid being exploited by the BlackHole web malware exploitation kit.