Fake amazon notification mails are hitting inboxes and trying to lure recipients into following the links that hosts Blackhole Exploit kit . The email has been spotted by GFI researchers.
The mail may look legitimate . The only thing that gives it away at first glance is the fact that multiple email addresses are included in the "To:" field, and the email is personalized for the first recipient.
The links in the email leads to various legitimate but compromised WordPress domains. Their URLs contain the following section in their syntax:
/wp-content/themes/twentyten/zone(dot)html
Blackhole exploit code tries to exploit the Adobe Reader &Flash , Java vulnerabilities. If you have one of the vulnerable application installed in your system, then the kit will exploit the vulnerability and infects users system.
