Last Updated: 2013-08-02 16:20:31 UTC
by Johannes Ullrich (Version: 1)
Right now we are seeing fake American Express account alerts. The alerts look very real, and will trick the user into clicking on a link that may lead to malware. As many of these attacks, the exact destination will heavily depend on the browser used.
Antivirus does recognize the intermediate scripts as malicious and should warn the user if configured to inspect web content.
(click on image for full size)
Johannes B. Ullrich, Ph.D.