By Dave Michmerhuizen – Research Scientist, Luis Chapetti – Security Researcher
Spammers are always looking for ways to cut through the clutter of jammed inboxes and compel you to open their emails and click their links.
A classic ruse is to offer temptation in the form of a piece of shocking news or gossip. For years spam emails have used subject lines that refer to storms, earthquakes, revolutions and yes, even elections, and with the 2012 presidential election upon us the related emails have begun to appear.
The spam traps at Barracuda Labs have captured some good examples such as this one posing as a breaking CNN update.
The subject of “Mitt Romney Almost President” is calculated to attract hurried clicks from all sides of the political spectrum. Unfortunately all of the links in these emails lead to compromised websites that are set up to deliver malicious attacks against the web browser using a BlackHole exploit kit that we have written about before. Instead of news, the inquisitive recipient is left with malware, usually a password stealer.
We have been seeing these since early October, and they are still continuing and will most likely continue in some form right through Election day and beyond.
As always, be very careful what you click. Emailed links are so often spoofed that in this case the smart thing to do is to eliminate the risk and just visit CNN directly.