Phony Verizon Wireless emails follow AT&T wireless emails attack

by

Less than 2 weeks ago we reported the use of perfectly formatted AT&T Wireless emails that included multiple links to malware infested sites.  These have now been followed up with similar emails – but the “carrier” has switched to Verizon Wireless.

The Verizon emails also lead to sites hosting malware – although there are far fewer links in the email – and the same compromised site is used repeatedly in each email (in the AT&T attack, up to 9 different sites were used).  The same gang appears to be behind both attacks since the link structure is identical:

//index.html.

The same vulnerabilities are once again exploited via the scripts on the sites.

The fully functional homepage of the compromised site is shown below.

 

 

Go back