The type of spam runs we saw late last year (Obama and BofA) are starting to pick up again in volume. We've seen Classmates being used as a theme and two days ago it was fake Facebook messages. Today it's back to fake Bank of America certificates.



As in all previous spam runs it leads to a site prompting you to download a fake Adobe Flash player. This malware steals confidential information and sends it to a web server. In previous attacks this server was in the Ukraine but it has now been moved to Hong Kong. If you see network traffic to the IP address 58.65.232.17, it's a bad sign.