Malicious URLs in Fake Craigslist Emails

June 8, 2012 – 4:53 AM

Today, Websense® Security Labs™ ThreatSeeker™ Network has seen a barrage of malicious emails pretending to be automated notifications from Craigslist. These emails instruct the recipient to click a link to complete a Craigslist request. The URLs in these emails redirect the user to malicious web sites hosting Blackhole Exploit Kit. So far we have seen over 150,000 of these emails in our Cloud Email Security portal. Websense Email Security and Websense Web Security protect against this kind of blended threat with ACE, our Advanced Classification Engine.

The emails have subject lines like:

POST/EDIT/DELETE : “Models for fine” (systems / network)
POST/EDIT/DELETE : “Studio4PaintWorkCatskills” (education)
POST/EDIT/DELETE : “Show Your Art” (cars+trucks)


You must be logged in to post a comment.