Security researchers from Bkav have come across a couple of spam runs designed to lure users to a website advertising a shady work-from-home scheme. The spam campaign leverages the reputation of CNN and Fox News.
The fake CNN emails read something like this: “BREAKING NEWS: Housewife earned $ 5,814 in just one month. Are you still searching for good job? Hundreds of people earn a lot of money without leaving home.”
The bogus Fox News notifications read: “It’s hard to believe, but you can not spend more than 5 hours per day and earn up to $8,000 monthly. Seems unreal. FoxNe tell you how to do it. Read here.”
The links from these emails point to a fake Finance Report website that shows the story of a single mom who allegedly makes a lot of money “without selling anything.”
Interestingly, this is the same website that’s advertised in a Twitter spam campaign that leverages an open redirect vulnerability on one of CNN’s subdomains. The goal is to trick people into signing up for the moneymaking scheme. Of course, registration costs.
Check out the gallery to see what the emails and the websites look like.