Blackhole Spam Evades Detection Using Punycode
Posted by: TimW on 05/20/2013 02:28 PM
BlackHole Exploit Kit spam has come in various forms, such as official bank notices, cable provider email updates, social networking emails, and fake courier notifications. Now it is arriving as a spam run that appears to come from Wal-Mart.

Figure 1. Notice supposedly from Walmart
Some of the URLs lead to Cyrillic domain names. These domains were converted into ASCII characters through punycode. URLs in punycode have to be decoded first in order to see their original form.
Users can be redirected to a phishing site that uses internationalized domain names (IDNs) and appears to have the same URL as a legitimate site. This can make blocking malicious sites more difficult.
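The decoding step described above, as an added example (not code from the original post): it uses Python's built-in punycode codec to turn `xn--` labels back into Unicode and reports which scripts each hostname uses. The function names and sample URLs are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

def decode_host(host):
    """Decode every xn-- (punycode) label of a hostname back to Unicode."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: keep the raw ASCII form for review
        labels.append(label)
    return ".".join(labels)

def label_scripts(label):
    """Scripts used by the letters of one label (first word of the Unicode name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def inspect_url(url):
    """Return the decoded host plus the signals a mail filter could act on."""
    host = urlsplit(url).hostname or ""
    decoded = decode_host(host)
    per_label = [label_scripts(part) for part in decoded.split(".")]
    return {
        "host": host,
        "decoded": decoded,
        "is_idn": decoded != host.lower().rstrip("."),
        "scripts": sorted(set().union(*per_label)),
        # Latin letters mixed with another script inside one label is the
        # classic lookalike pattern; a fully Cyrillic label is ordinary IDN use.
        "mixed_script": any(len(s) > 1 for s in per_label),
    }

# Constructed sample URLs (not taken from the spam run described above).
LOOKALIKE = "xn--" + "ex\u0430mple".encode("punycode").decode("ascii")  # Cyrillic 'а'
SAMPLES = [
    "http://xn--e1afmkfd.xn--p1ai/track",   # fully Cyrillic host
    "http://" + LOOKALIKE + ".test/login",  # Latin label with one Cyrillic letter
    "http://www.example.com/",              # plain ASCII host
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(inspect_url(url))
```

Filtering and blocklist matching should run on both the raw `xn--` form and the decoded form, since a rule written against only one of them misses the other.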
Your best defense against phishing is to:
1) Always be cautious of email messages before clicking the links or downloading attached files
2) Verify with the vendor to check if these emails are legitimate
3) Install the latest security updates from software vendors to avoid threats targeting dated vulnerabilities
