Cyber-criminals are taking advantage of the civil war in Syria and use the Fox News reputation to infect users with malware. The e-mails pose as newsletters of the media company and incorporate malicious links on several buttons, including ‘unsubscribe.’
To lure readers into clicking on the malicious URL, scammers promise exclusive videos and articles about the Syrian conflict. They also create a sense of urgency by promising information about World War III. Subject lines vary from “U.S. Military Action in Syria – is it WW3 start?” to “Obama Sending US Forces to Syria” and “US deploys 115,000 troops in Syria.”
“Three thousands US Marines have been deployed to northern part of Syria and more waits to come in,” the malicious e-mails read. “What target is next? Does Obama going to start WW3 from the Iran after Syria fall?”
Clicking on any hyperlinked text, including the unsubscribe button that many users rush to click, leads to a website blocked by antivirus software for malware. The dangerous web page is recurrently used by scammers to redirect users to exploit kits such as Blackhole that, once installed, are able to grab passwords and banking details.
Besides the spoofed Fox News addresses, the spam newsletter seems legit. To make more victims, cyber-criminals managed to imitate the authentic newsletter that the media corporation sends to its readers.
This is not the first time cyber-criminals abuse the reputation of a big company to lead users to the BlackHole exploit. In May, fake Amazon order confirmations promised 55â€ TV sets but delivered malware instead.
Besides malicious spam, news corporations are also targeted by Twitter hackings and website exploits. Most recently, a campaign exploited open redirect vulnerabilities on the CNN website to flood Twitter users with diet spam allegedly coming from the media company.
Tips and Tricks:
Install an antivirus solution and keep it updated. It will silently scan your system and prevent spam, phishing, fraud and malware infections.
Before clicking on unsubscribe buttons, hover your mouse on the unsubscribe button to see where it leads. Scammers commonly embed dangerous links where they expect users to click without thinking too much.
If you want to be sure a newsletter such as the Fox News one is legitimate, read the promised exclusivity on the official website.
This article is based on the technical information provided courtesy of Ionut Raileanu, Bitdefender Spam Analyst.Â
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.