Security firm Websense is warning AT&T customers to be on their guard after it detected a huge phishing campaign masquerading as a billing email.
The scam is said to have targeted 200,000 customers with the email demanding outstanding payment of hundreds of dollars. Security experts at Websense said a bill that high could trick many users into clicking the link.
Those who do click the link will be redirected to a compromised web server, which in turn redirects the user’s browser to a blackhole exploit kit. Malware is then installed on the user’s machine.
Worryingly the malware is not being picked up by most antivirus products, meaning many users will be at risk of their machine being infected. According to Websense, the malware "drops files into the Application Data and Temp folders, and then injects code into other processes running on the computer, for example Internet Explorer and Adobe Reader." After that it connects with a botnet to receive instructions on what to do next.