JMH
Emeritus, Contributor
- Apr 2, 2012
- 7,197
Over the last couple of hours, cybercriminals have started spamvertising millions of emails pretending to be coming from HP ScanJet scanner, in an attempt to trick end and and corporate users into downloading and viewing the malicious .html attachment.
Upon viewing, the document loads the invisible iFrame script, ultimately redirecting the user to a landing URL courtesy of the Black Hole web malware exploitation kit.
More details:
The ongoing spam campaign is using both, zip attachments containing a malicious executable, and a malicious iFrame loading .html file. Let’s take a closer look at the dynamics behind the campaigns.
Spamvertised subject: Scan from a Hewlett-Packard ScanJet #[random number]
http://blog.webroot.com/2012/08/27/...Feed:+WebrootThreatBlog+(Webroot+Threat+Blog)