Websense has detected a massive phishing campaign targeting AT&T customers, sending in-excess of 200,000 fake emails that are masquerading as billing information.
The phishing emails pretending to be from the American communication services provider were unearthed by Websense on Thursday. The fake emails look to scam consumers containing bogus claims that they owe AT&T hundreds of dollars.
The email also reportedly houses a malicious link that lets the scams author's infect victims' machines.
"Clicking on the link in the bogus message sends the user to a compromised web server that redirects the browser to a Blackhole exploit kit. As a result, malware is downloaded onto the computer that is currently not detected by most anti-virus products, according to VirusTotal," read Websense's blog.
"ThreatScope analysis shows that the malware is part of the Zeus family. It drops files into the Application Data and Temp folders, and then injects code into other processes running on the computer, for example Internet Explorer and Adobe Reader. After this, it accesses a bot network where the attacker can instruct the malware to take further actions."
The new scam is one of many phishing campaigns currently operating. Earlier in June F-Secure security chief Mikko Hypponen warned that the use of phishing emails has become a staple source of income for cyber criminals, during a press tour of the company's labs.
Finger pointed at "advanced" nation state attacker in Norwegian health records cyber attack
Kaspersky claims the ban is based on subjective, non-technical public sources - and unconstitutional
Google unleashes Cloud AutoML tool to enable ordinary Joes to train AI systems without having to write code
Next step: machine learning systems that can generate their own machine learning software
Pixel devices could be hijacked by confusing the engine and escaping the Chrome sandbox