A mail purportedly coming from Sendspace claims that you have received a file , apparently it links to a malicious website, warns a security researcher Conrad Longmore.
Sendspace is one of the popular site that allows users to send large files too big for e-mail to friends, family, and businesses, anywhere in the world.
The email with a subject "You have been sent a file (Filename: [redacted]-9038870.pdf)" :
Sendspace File Delivery Notification:
You've got a file called [redacted]-56.pdf, (133.8 KB) waiting to be downloaded at sendspace.(It was sent by CHIQUITA Caldwell).
You can use the following link to retrieve your file:
Download Link
The file may be available for a limited time only.
Thank you,
If a recipient click the download link,he will be redirected to malicious website. The site hosts the BlackHole Exploit v2.0. If victim's system has vulnerable software, the page will exploit the vulnerability and drops the virus.
The same malware link used in the NACHA spam attack.We believe this is first sendspace spam mail.
Users are advised to keep software updated at all times. If everything is patched up, the exploit kit will not be able to serve the malware. However, be careful when dealing with links in emails. Hovering the mouse over them should provide an indication of where they actually lead.
