Fake CNN Emails About Pope Point to Malware
Emails purporting to be CNN notifications suggest that recipients click a link to read CNN.com articles relating to the pope.
The emails are not from CNN and the links do not open genuine CNN articles. The links lead to compromised websites that harbour malware.
Subject: Opinion: Pope 'could be sued over child abuse'! Exclusive! - CNN.com
Please note, the sender's email address has not been verified.
You have received the following link from [removed]
Click the following to access the sent link:
Pope 'could be sued over child abuse'! Exclusive! - CNN.com*
Get your EMAIL THIS Browser Button and use it to email content from any Web site. Click here for more information.
*This article can also be accessed if you copy and paste the entire address below into your web browser.
by clicking here
According to these emails, which purport to be from US based news outlet CNN, uses can click a link to read breaking news stories pertaining to the pope. The messages include seemingly official CNN graphics and formatting. There are several versions of the message, all claiming to link to pope related news stories.
However, the emails are certainly not from CNN and the links to not open genuine news reports about the pope. In fact, the links lead to compromised websites
that harbour a version of the infamous Blackhole Exploit Kit
, a criminal web application that can exploit browser vulnerabilities to downlod and install trojans and other types of malware. Victims who fall for the ruse and click links in these messages may inadvertently install a variety of information stealing malware on their computers.
In some cases the scammers have used real news headlines about the pope taken from other sources in an apparent attempt to make the fake messages seem more plausible. During testing I found that some versions automatically redirect users to the genuine CNN website after the fake page has loaded and attempted to deliver its payload.
Criminals intent on distributing malware are generally quick to exploit significant news events such as the resignation of Pope Benedict and the subsequent appointment of Pope Francis. Be wary of opening links or attachments in unsolicited emails, even if they appear to come from a legitimate news source.
To help protect yourself from the Blackhole Exploit Kit and other types of attack ensure that your browser and operating system always have the latest security updates installed and use reliable anti-virus and anti-malware scanners
Last updated: March 20, 2013
First published: March 20, 2013
By Brett M. Christensen