E-mails purporting to contain a payment request from eBay are hitting inboxes around the world:
According to Sophos, two things happen after that:
1. The victim’s browser is redirected again and opens up a spam-site (Canadian Pharmacy or similar)
2. Simultaneously, a malicious iFrame downloads all sorts of malware from other websites where it’s hosted.
The redirection to the spam-site is just a trick to camouflage the real goal of this spam campaign: getting your computer infected. This attack is a combination of two techniques (1, 2)that have lately been prominently featured in the online criminals’ repertoire.