American TV networks CNN and MSNBC have been hit by a spoof junk mail claim.


As many as five million junk emails are being sent every hour and are being modelled on news alerts from the networks. They feature headlines intended to grab attention by using stories and pictures of current affairs, politics and celebrities in their news content.


The messages feature URLs that are intended to download malware on to the user's computer, which is typically disguised as a codec needed to view videos. The URL's typically originate from Eastern Europe, with websites featuring the .br, .com, .in and .tw domains, with victims pointed to hijacked sites with .com, .es, .pl, and .ru URLs. That last TLD (.ru) is especially common in the spoof CNN alerts.


Chris Astacio, a security researcher at Websense, said: “Another dangerous aspect of these CNN and MSNBC emails is the intensity with which the messages have been sent. In this campaign alone, our Threatseeker Network has seen as many as five million messages sent, per hour, from multiple hosts worldwide.”