Sophos warns that spammers are once again sending out bogus scan-to-email notices in an attempt to dupe users into clicking malicious links that lead to websites serving malware.
Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet #1788378
A document was scanned and sent to you using a Hewlett-Packard HP9289197
Sent to you by: PEARLIE
Filetype(s): Images (.jpeg) View
This isn’t the first time that spammers mimicked document-to-file scan notifications, but previous attempts involved malicious file attachments vs. links in the email itself.
The malware served in the attack was not disclosed; however, the websites associated with this attack are rigged with the BlackHole exploit kit, which typically leverages PDF, Flash & Java vulnerabilities in order to plant malware on the visiting machine.
So, keep your computer safe by:
- Not following links embedded in unsolicited emails – at least not without investigating them first.
- Running antivirus software that offers real-time scanning & keep the virus definitions current. (Btw, Sophos blocks the page as Mal/ExpJS-N.).
- Keeping your operating system and third-party software fully patched & up-to-date.
If you’ve already clicked the link, run a full system scan to detect & remove any potential malware that may have been installed on your computer.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+