Webroot Threat Blog – Internet Security Threat Updates from Around the World

WEBROOT – INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS

Intuit themed ‘QuickBooks Update: Urgent’ emails lead to Black Hole exploit kit

Posted on September 5, 2012 by ddanchev

By Dancho Danchev

It didn’t take long before the cybercriminals behind the recently profiled ‘Intuit Marketplace’ themed campaign resume impersonating Intuit, with a newly launched round consisting of millions of Intuit themed emails.

The theme this time? Convincing users that in order to access QuickBooks they would have to install the non-existent Intuit Security Tool. In reality though, clicking on the links points to a Black Hole exploit kit landing URL that ultimately drops malware on the affected hosts.

More details:

Continue reading →

Spamvertised ‘Your UPS delivery tracking’ emails serving client-side exploits and malware

Posted on June 25, 2012 by ddanchev

By Dancho Danchev

Cybercriminals are currently spamvertising millions of emails impersonating United Parcel Service (UPS) in an attempt to trick end and corporate users into clicking on exploits and malware serving links found in the malicious emails. What exploits are they using? How widespread is the campaign? Is it an isolated incident, or is the campaign linked to more malicious activity?

More details:

Continue reading →