    Archive for February 12th, 2010




    TrendLabs Web content security analysts recently received spammed messages that purported to be from hi5, “a global destination where young people meet and play.” The site claims to have more than 50 million monthly visitors and to be the third largest social media site in the world.


    The bogus email asks users to add its sender to their lists of friends just like any normal social networking invitation. What is odd about this email, however, is that it first asks recipients to download and open an attachment, which supposedly contains an invitation.


    Unsuspecting users who are tricked into downloading and opening the compressed file (Invitation Card.zip) end up executing malware detected as WORM_PROLACO.AA instead of an invitation. The attachment appears to contain a file named Document.htm. Expanding the Name column in the window, however, reveals that the supposed .HTM file is really a malicious .EXE file.
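
The check below is an added example, not code from the original post or from Trend Micro: it flags ZIP members whose name shows a decoy extension followed by padding and a different real extension, and whose content starts with the MZ header. The whitespace padding, the extension list and the sample archive are assumptions constructed for illustration; the post only says that the real extension shows up once the Name column is expanded.

```python
import io
import re
import zipfile

# Extensions Windows runs directly (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# A document-looking extension, then a run of padding, then more text.
PADDED_NAME = re.compile(r"\.(\w{2,4})\s{3,}.*$")


def inspect_member(name: str, head: bytes) -> list:
    """Return the reasons a ZIP member looks like a disguised executable."""
    reasons = []
    base = name.rsplit("/", 1)[-1]
    dot = base.rfind(".")
    real_ext = base[dot:].lower().strip() if dot != -1 else ""
    if real_ext in EXECUTABLE_EXTS:
        reasons.append(f"executable extension {real_ext}")
    m = PADDED_NAME.search(base)
    if m and "." + m.group(1).lower() != real_ext:
        reasons.append(f"decoy extension .{m.group(1)} hidden by padding")
    if head[:2] == b"MZ":
        reasons.append("content starts with MZ (DOS/PE header)")
    return reasons


def scan_zip(data: bytes) -> dict:
    """Map each suspicious member name to its list of findings."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            head = b""
            if not info.flag_bits & 0x1:  # encrypted members: name checks only
                with zf.open(info) as fh:
                    head = fh.read(2)
            reasons = inspect_member(info.filename, head)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample() -> bytes:
    """Constructed sample: a harmless 2-byte 'MZ' stub, not real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Document.htm" + " " * 40 + ".exe", b"MZ")
        zf.writestr("readme.txt", b"hello")
    return buf.getvalue()
```

Checking the content header as well as the name catches members that carry no telltale extension at all.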

    The social engineering technique used in this spam run is probably one of the oldest tricks in the “Spammers’ Handbook,” if there is one. This is precisely why users are always reminded to be wary of opening email messages from people they do not know and to scan file attachments before downloading them onto their systems.

    Trend Micro™ Smart Protection Network™ protects users from this threat by preventing the spammed messages from even reaching their inboxes via its email reputation service. It also detects and blocks the malicious file from being downloaded onto and executed in users’ systems via its file reputation service.

    Non-Trend Micro product users can also stay protected from this threat via eMail ID, a free tool that helps them avoid opening and acting on email messages attempting to spoof real companies.

     



    It is that time of the year once again for football enthusiasts and sports fanatics alike with the latest season of “Super Bowl.” The “Super Bowl” is one of the U.S. television broadcasting industry’s top-rating shows, drawing thousands of live viewers each game. This year, according to Nielsen, 106.5 million viewers reportedly watched the games, some 24 percent of whom, according to Mashable, watched online.

    This is probably why cybercriminals take advantage of the show’s popularity, trying to lure unsuspecting fans via blackhat search engine optimization (SEO) techniques. This is, of course, no longer new. It has happened before, but that did not stop cybercriminals from using the same tactics again to push a FAKEAV variant to online viewers.

    Trend Micro threat analysts found that searching for “Super Bowl 44 airtime” in Google led to results that redirected users to malicious sites that claim to contain the information they are looking for.


    Upon clicking the link, a prompt alerts users of supposed malware infections, an all-too-familiar tactic rogue antivirus peddlers use to sell their malicious wares.

    Apart from exploiting an attention-grabbing sports event, cybercriminals have also taken advantage of another actor’s supposed death (that of comedian Bill Cosby) to propagate the exact same FAKEAV variant, detected by Trend Micro as TROJ_FAKEAL.SMDP.


    As in previously featured blackhat SEO attacks, users face the same risks yet again, including credit card theft.

    Trend Micro™ Smart Protection Network™ protects product users from these threats by blocking user access to malicious sites and detecting and preventing the download of harmful binary files such as packupdate_build7_195.exe aka TROJ_FAKEAL.SMDP.

    Non-Trend Micro product users, on the other hand, can also stay protected by using free tools such as Web Protection Add-On.

     


     

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice