People are attracted to news, and when the news is big, the attraction is urgent. Spammers have known this for years, and both the recent royal birth and a horrific train accident in Spain has tempted them to dust off their fake CNN news alert templates. The honeypots at Barracuda Labs are seeing high volumes of this using a wide variety of hacked websites as their destinations.
Notice how this campaign still carries a subject line “Perfect gift for royal baby… a tree?” even as the content was changed to a fake video preview of the train disaster. Even spammers have a tough time keeping their stories straight.
While this site is currently unresponsive, the usual result would be exploitation of the browser and installation of a backdoor or password stealer.
As always, treat all of your email as guilty until proven innocent. Unless you really need to, don't even bother giving it a trial. Any news you receive in an update or newsletter should also be available on the website of the organization whose name appears on the email. Don't take chances – instead, use a few more keystrokes to go directly to the website.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.