Today, Symantec found a spam mail that masquerade as "Your Holiday E-Ticked Confirmation". The email ask you to visit a link so that you can take printout. It displays anchor text as legitimate site but it is link to malicious sites.
The Spam Mail:
If you inspect the HTML coding for this message carefully, you will notice a malicious link in the anchor tag:
This link redirects to a known malware-hosting site in Russia which previously hosted Trojan.Maljava. Trojan.Maljava is a detection name used by Symantec to identify malicious Java files that exploit one or more vulnerabilities, one of many threats awaiting an unsuspecting user.
The Spam Mail:
If you inspect the HTML coding for this message carefully, you will notice a malicious link in the anchor tag:
This link redirects to a known malware-hosting site in Russia which previously hosted Trojan.Maljava. Trojan.Maljava is a detection name used by Symantec to identify malicious Java files that exploit one or more vulnerabilities, one of many threats awaiting an unsuspecting user.
Security Tips from Symantec to protect yourself:
- Be selective about websites you give your email address to.
- Before entering personal or financial details online, ensure the website has SSL encryption (look for things like HTTPS, a padlock, or a green address bar).
- Avoid clicking on suspicious links in email or instant messages as these may be links to spoofed websites. We suggest typing Web addresses directly into the browser rather than relying upon links within your messages.
- Do not open spam messages.
- Do not reply to spam. Typically the sender’s email address is forged, and replying may only result in more spam.
- Do not open unknown email attachments. These attachments could compromise your computer.
- Always be sure that your operating system is up-to-date with the latest updates and use a comprehensive security suit
