Thank you for considering our products and services, your information arrived today.In each case the message was from either "Support Center" or "Ticket Support" with a subject in the form of "Ticket [#5409290]" (the number is random).
Alright, here's the link to the site:
Proceed to Site
Thank you for taking the time to contact us.
Regards, Bethany Briseno, Support Team manager.
---------
Thank you for your letter of Apr 17, your information arrived today.
Alright, here's the link to the site:
Proceed to Site
Thank you for taking the time to contact us.
Regards, Silas Mixon, Support Team manager.
---------
Thank you for considering our products and services, your information arrived today.
Alright, here's the link to the site:
Proceed to Site
If we can help in any way, please do not hesitate to contact us.
Sincerely, Jenna Golden, Support Team manager.
---------
Thank you for your letter of Apr 17, your information arrived today.
Alright, here's the link to the site:
Proceed to Site
If we can help in any way, please do not hesitate to contact us.
Sincerely, Fredricka Palacios, Support Team manager.
The links in the email go to a legitimate site omronfitness.com belonging to Omrom Healthcare which has been hacked to serve illegal pharmacy pages, for example:
[donotclick]omronfitness.com/buyaccutane/
[donotclick]omronfitness.com/buyflomax/
The landing page does not appear to be malicious, but care should be taken. See this URLquery report for an example.
Omron is a multibillion dollar Japanese corporation, but it appears to have been hacked through an insecure WordPress installation which is rather shabby.
One amusing sidenote, the server 23.21.115.143 that hosts omronfitness.com also hosts another Omron-owned site moronfitness.co. Enough said.
Update 22/4/2014: Omron say that they have now fixed the issue.
No comments:
Post a Comment