Websense has detected a massive phishing campaign targeting AT&T customers, sending in-excess of 200,000 fake emails that are masquerading as billing information.
The phishing emails pretending to be from the American communication services provider were unearthed by Websense on Thursday. The fake emails look to scam consumers containing bogus claims that they owe AT&T hundreds of dollars.
The email also reportedly houses a malicious link that lets the scams author's infect victims' machines.
"Clicking on the link in the bogus message sends the user to a compromised web server that redirects the browser to a Blackhole exploit kit. As a result, malware is downloaded onto the computer that is currently not detected by most anti-virus products, according to VirusTotal," read Websense's blog.
"ThreatScope analysis shows that the malware is part of the Zeus family. It drops files into the Application Data and Temp folders, and then injects code into other processes running on the computer, for example Internet Explorer and Adobe Reader. After this, it accesses a bot network where the attacker can instruct the malware to take further actions."
The new scam is one of many phishing campaigns currently operating. Earlier in June F-Secure security chief Mikko Hypponen warned that the use of phishing emails has become a staple source of income for cyber criminals, during a press tour of the company's labs.
Leaks indicate that launch of AMD APUs with integrated Vega graphics is just around the corner
Facebook CISO Alex Stamos defends company over claims company network is 'run like a college campus'
Stamos explains: Facebook engineers enjoy a lot of autonomy, it's not disorganised and chaotic
HMRC refusal over VAT payment schedule forces 22-year-old computer reseller to the wall
AMD claims updates to Radeon ProRender will speed-up 3ds Max rendering by up to 35 per cent