Compromised Yahoo account, Compromised website – Meds for Thanksgiving

We received this email from a friend and immediately suspected that his Yahoo account had been compromised. The subject was clearly not generated by a human and the email contained a single link with some garbled text. 

Following the link brought us to some exciting special price meds just in time for thanksgiving:

After notifying our victimized friend we had a closer look at the site name in the link, which appeared to be genuine (malthousesales.co.uk). It turns out that the site used was also compromised – the spammers successfully implanting their pharmacy page within the images directory of a legitimate site. As described on their homepage Malthouse sell “scarves, jewellery & gifts for every season”. And now, unbeknownst to them, they sell low-priced meds.