Websense researchers are warning of malicious spam e-mails that pose as automated notifications from Craigslist, asking the recipient to click on a link in order to complete a Craigslist request. The link redirects the victim to a Web site hosting the Blackhole exploit kit.
“The malicious emails, 150,000 of which were caught by Websense Security Lab’s Cloud Email Security portal … attempt to convince recipients that ‘FURTHER ACTION IS REQUIRED TO COMPLETE [THEIR] REQUEST!!!'” writes Threatpost’s Brian Donohue. “The emails go on to claim that recipients must follow the (malicious) link below in order to publish, edit or delete their ad or verify their email address. At the bottom of the email is a bold and capped piece of text that helpfully advises that users ‘KEEP THIS EMAIL.’ … Websense lists ‘Models for fine’ (systems / network), ‘Studio4PaintWorkCatskills’ (education), and ‘Show Your Art’ (cars+trucks) as a few of the email subjects popping up in the scam.”