Today I received an email that simulated being sent by Twitter, ended up in the spam tray and although that is enough reason to be suspicious, it is worth commenting on the case since many users can be tempted by similar messages.
As can be seen in the previous screenshot, reference is made to the confirmation of an account and some links are included. Clicking on any of them opens the following page:
At first glance it seems to do nothing, it just displays an English message that says Please wait … loading, Nevertheless behind the scenes a lot is happening. When looking at the source code you can see that it contains a series of strange codes:
It's about a obfuscated script which charges by means of a iframe a malicious page with exploits that look for vulnerabilities in the computer to infect it automatically:
This means that simply by accessing the message page Please Wait… Loading your computer could become infected without you noticing, it is what is known as an attack drive-by download.
It is for this type of situations that it is always recommended keep the operating system and all programs updated, mainly PDF readers such as Adobe Reader, browsers and their Flash and Java plugins. These are usually the most attacked.
Of course, a good antivirus It is always helpful to block attacks but if we do not contribute our part -good practices and common sense- sooner or later we will end up infected.
See also: BlackHat SEO + Java vulnerable = hidden Trojan download Firefox + NoScript, a safe way to surf the internet.
Note: if you want to analyze the complete code you can ask me privately.