Bogus "Your eBay funds are cleared" email leads to exploits
Posted on 01.08.2012
Following the email supposedly sent by an unsatisfied customer, eBay sellers are targeted by scammers once again.

While the first email threatened with negative feedback, this one entices with the promise of a huge amount of money supposedly made available to the recipient:

Users who click on the embedded link are taken to a page sporting the "Loading your Transaction Details…" caption, which also hosts the Blackhole exploit kit.

While the user is waiting for the transaction details to load, the kit tries to exploit an Adobe Reader and Acrobat vulnerability, as well as a Microsoft Windows Help Center flaw.

If successful, a Trojan is dropped onto the system, and phones home to a C&C server that has been used in another previously profiled spamvertised campaign.

"Based on these observations, we can easily conclude that a single cybercriminal or a gang of cybercriminals is systematically introducing undetected malicious executables and rotating the client-side exploits serving URLs, next to impersonating popular brands in an attempt to socially engineer users into interacting with these malicious emails," says Webroot's Dancho Danchev, and predicts that more spam campaigns impersonating trusted brands are sure to follow.


Email scammers stole $215M from businesses in 14 months

Posted on 29 January 2015.  |  In 14 months there have been nearly 1200 US and a little over 900 non-US victims of BEC scams, and the total money loss reached nearly $215 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jan 30th