Websense Warns of Malicious iPhone 5 Delivery E-mails
Links in the fake e-mails lead to a site hosting the Blackhole exploit kit.
In a recent blog post, Websense's Patrik Runald warned that scammers are sending fake UPS and FedEx notifications of iPhone 5 deliveries.
"Apple sold more than 2 million of the new phone in less than 24 hours so clearly there's a huge interest in getting the device," Runald wrote. "This means that many people are eagerly waiting for their shipping notifications, to learn when the phone will arrive. I'm one of the people who pre-ordered an iPhone 5, and I'm still waiting for my delivery notification. From reading discussion forums online, I know that all orders from Apple's online store will ship with UPS. So when I received a UPS notification email today, I obviously expected it to be about my iPhone. Turns out, it wasn't."
"When opened, the attached HTML file shows a 'Please wait a moment. You will be forwarded…' note," writes Help Net Security's Zeljka Zorz. "The note is not lying -- you will be forwarded, but to a Russian domain hosting the Blackhole exploit kit. If the exploit kit manages to do what it is created to do, you will be saddled with a banking Trojan."
"The Websense Cloud Email Security service has already intercepted and blocked more than 45,000 similar emails (by the time you read this, there will undoubtedly be many more)," Infosecurity reports. "'UPS/FedEx lures are not new,' warns Websense, 'but in times like this -- when people are eagerly waiting for an email of this type -- the risk is great that recipients will have their guards down and will run the attached file.'"
"So early adopters, as you wait for that UPS email that's sure to come, be vigilant and pay attention to the details," writes SecurityNewsDaily's Ben Weitzenkorn.