Sponsored by..

Thursday, 6 December 2012

"Copies of policies" spam / cinemaallon.ru

This spam leads to malware on cinemaallon.ru:

Date:      Thu, 6 Dec 2012 06:41:01 -0500
From:      Isidro Pierre via LinkedIn [member@linkedin.com]
Subject:      RE: ASHTON - Copies of Policies.

Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.

Here is the Package and Umbrella,

and a copy of the most recent schedule.

The malicious payload is at [donotclick]cinemaallon.ru:8080/forum/links/column.php hosted on the following familiar IPs: (Gnet, Mongolia) (Psychz Networks, US)

No comments: