Date: Sat, 22 Sep 2012 15:16:47 -0500
From: "Reminder" [CC8504C0E@updownstudio.com]
Subject: LinkedIn: New messages awaiting your response
From Emilio Byrd (Insurance Manager at Wolseley)
The malicious payload is at [donotclick]18.104.22.168/links/deep_recover-result.php (Solar VPS, US) which appears to be a Blackhole 2 exploit kit. Blocking this IP address would be prudent.