Spammed messages purporting to contain a cheaters list are making rounds following the hacking of the Ashley Madison website. These spammed messages disguise itself to be from instantconfirm background checks, Fox News, or CNBS. The message appears to be a CNN news article. Looking closely at the URL where users are invited to click, it shows different newly registered domains. Noticeable in the message content itself is its use of a spam technique called HTML inserts - it abuses HMTL tags to insert random words that when grouped together have no meaning.
Clicking on the link leads to the download of a non-malicious file as of this publishing. However, do note that these URLs may change over time and may lead to threats. We encourage users to inspect links in email before clicking on them.
Damage to the company's reputation is not the only consequence of this data breach. Taking into consideration the nature of the website, damage to one's own reputation is also at stake. Trend Micro users are protected from spam of this kind via the effective blocking of products powered by the Smart Protection Network technology. Traditional security, according to Trend Micro Chief Cybersecurity Officer Tom Kellermann, is not enough to minimize or eliminate the risks of breaches like this.