Spammers have long been using lurid headlines based on current events to trick people into opening their messages and clicking on the links they contain. Their latest trick exploits the alert features of both CNN and MSNBC. Users are receiving mail that looks like a breaking news alert from one of the popular news sites. The headlines range from shocking (“Elizabeth Taylor Found Murdered” to amusing “Europeans Dislike Americans’ Attitudes”). While most are fake, some are real,(“NFL Greats Inducted Into the Hall of Fame”) which makes the emails seem legit.

The body of the message contains a link claiming be a video on the news story, but it actually a malicious link that if clicked, prompts the user to download a fake Adobe Flash update. The update is a Trojan, and once installed, downloads even more malware, sends the users personal info to it’s controller server, and adds the system to a botnet. Gary Warner’s blog has a list of the malicious domains-block them to protect your business! Some of them are legit companies that have been compromised, but until they realize it and clean up their servers (and the security holes that allowed them to be hacked), blocking them is for the best.