Unexpectedly, the offered link doesn't lead to a phishing page, but to one hosting the Blackhole exploit kit.
"When the user arrives at the landing page, and even before they can ascertain whether or not they might be at a legitimate website, the exploit kit has already profiled their computer and determined if there are vulnerable applications to exploit," explain the researchers. "If there are vulnerable applications, as is more often than not the case, a Trojan downloader will be installed."
Unfortunately for many users, only a little more than half of the AV solutions used by VirusTotal detect the malware - a downloader Trojan that once safely ensconced within the machine proceeds to download password stealers and additional backdoors, some of which have a very low detection rate.
"The critical take-away for both enterprise and home users is that the Blackhole exploit kit has an easily attackable Achilles heel: patching! Fully patched machines are not vulnerable to Blackhole," the researchers point out.
"With a patched machine, even those users who follow the link in the phishing email would come away unscathed (providing they enter no confidential information on the fake webpage, of course!) regardless of whether they use OS X, Windows, or Linux. Users with outdated versions of Adobe and Oracle products, however, donít stand a chance."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.