Select Page

Cyren Security Blog

Phony Verizon Wireless emails follow AT&T wireless emails attack

Less than 2 weeks ago we reported the use of perfectly formatted AT&T Wireless emails that included multiple links to malware infested sites. These have now been followed up with similar emails – but the “carrier” has switched to Verizon Wireless.

The Verizon emails also lead to sites hosting malware – although there are far fewer links in the email – and the same compromised site is used repeatedly in each email (in the AT&T attack, up to 9 different sites were used). The same gang appears to be behind both attacks since the link structure is identical:

//index.html.

The same vulnerabilities are once again exploited via the scripts on the sites.

The fully functional homepage of the compromised site is shown below.

You might also like

LinkedIn Phish Kit

Scam Warning Back in January, LinkedIn posted a warning about connection requests from individuals impersonating employees of a legitimate organization. These requests come from newly created accounts. If someone accepts the request, the attackers will have more...