Bogus “Royal Baby: Live Updates” email leads to malware
As expected, news of the new birth in the British Royal Family has become a perfect lure in malware delivery schemes.
ThreatTrack has spotted an email titled “The Royal Baby: Live Updates” doing the rounds, offering a link that supposedly leads to a live feed of a camera in front of the hospital where the birth occurred and where a first glimpse of the baby could be had (click on the screenshot to enlarge it):
Unfortunately for those who are too gullible for their own good, clicking on the link starts a few redirections and lands the user on a website hosting the Blackhole exploit kit.
Once it takes advantage of a vulnerability on the user’s computer, the kit delivers a variant of the Zeus information-stealing Trojan.
“For anybody out there currently interested in all things Royal Baby, please be aware that a handful of malware examples will probably turn into ‘quite a lot’ over the coming days and weeks,” says Threat Track’s Chris Boyd. “Random emails and links on social networks should be treated with a healthy dose of skepticism (having said that, there isn’t really a case where you shouldn’t be treating random links with anything but a healthy dose of skepticism).”