Malicious emails disguised as breaking news of a US bombing of Syria are making the rounds online.
Kaspersky senior anti-virus researcher Roel Schouwenberg said the phishing campaign contained shortened links leading to an exploit kit that targeted vulnerable Adobe Reader and Java software.
More often, however, phishers prefer to use the “more reliable” Java exploits, he wrote.
Once users click malicious links in the fake CNN emails, they're led to the exploit kit, which downloads a trojan capable of distributing other malware on compromised machines.
“If the US do[es] decide in favor of military action against Syria, we can expect a lot more Syria-themed malicious emails,” Schouwenberg warned.