Source: The Register
by John Leyden
In this article “The use of exploit kits is allowing phishing fraudsters to develop scams that only rely on tricking prospective marks into clicking a link, rather than submitting all their details to a bogus website.
Many recent phishing runs spotted by Trend Micro have made use of the notorious Blackhole Exploit kit. The hacker favourite is used to automate the process of mounting drive-by-download style attacks from compromised (often legitimate) websites. Blackhole preys on browser exploits, Adobe software bugs and most recently the latest Java vulnerabilities, a particular successful strategy since third-party software frequently goes without updates.