Trend Micro researchers spotted another spam run that leads unsuspecting users to black hole exploit. This spammed message arrives as a supposed notification from Verizon Wireless. The email is carefully crafted to appear like a legitimate Verizon Wireless Account Notification and informs users about their current bill. Once users clicked on the link, they are redirected to compromised websites that point to the malicious sites hosting the said exploit code. Trend Micro detects the exploit code as JAVA_BLACOLE.AE. Similar to other black hole exploit-related spam runs, this also leads to a ZeuS variant detected as TSPY_ZBOT.JBR.
Users should be wary of clicking links in messages, even if they come from supposed legitimate sources. Users should directly visit the company site or call the company hotline to confirm the email or discuss any account activity, rather than rely on links.