Fake LinkedIn Email Link to JAVA Security Bypass Zero-day Exploit
July 5, 2014
January 16, 2013
Here is a malicious e-mail that is trying to take advantage of the JAVA Security Bypass Zero-day exploit by impersonating popular professional networking website LinkedIn. The JAVA Security Bypass Zero-day exploit is a flaw that allows a malicious website, set up by a hacker, to infect your computer with malicious programs by just visiting the website.
Please continue reading below.
This is how the malicious fake LinkedIn e-mail looks:
From: John Smith - LinkedIn (syllabifiesrev6077 @sprintrefugees.com)
Join my network on LinkedIn
From John Smith (CEO at EZ Internet Solurions and Owner, EZ Internet Solurions)
There are a total of 5 messages awaiting your response. Go to InBox now.
This message was sent to email@example.com. Don't want to receive email notifications? Login to your LinkedIn account to Unsubscribe.
LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. c 2013, LinkedIn Corporation.
The aim of this e-mail message is to, trick the victims into clicking on the links in it, which will take them to the malicious website: http://www.greetingsexperiencedone .asia/. A webpage on this website was created with a malicious Java Applet code to download malicious programs on to the victim's customer.
Please note that, you may receive other fake e-mails impersonating other legitimate websites and organizations.
If you receive the notification in your web browser below, prompting you to run the Java Add-On, please close that browser window.
For information about the JAVA Security Bypass Zero-day exploit, click here.
Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: firstname.lastname@example.org .
Alert and help your family and friends by sharing this article with them: