The latest of these is a notification alert about "activity you may have missed on Facebook":
Clicking on any of the offered buttons or the "unsubscribe" link ultimately lands users on a page hosting the Blackhole exploit kit serving an exploit for Adobe Reader and Acrobat.
Victims who use any of the vulnerable versions of these two software and no AV solution are automatically saddled with an information-stealing Trojan.
The Trojan variant in question is now detected by 28 of the 43 AV products used by Virus Total, but at the beginning of the spam campaign even those who had AV software installed were not safe, as the malware was detected by only three of them, Webroot warns.
Users are advised never to follow links offered in unsolicited emails, no matter how legitimate they look. Check your Facebook account for "activity you have missed" if you must, but do it by logging in through the legitimate login page.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.