This spam leads to malware on cinemaallon.ru:Date: Thu, 6 Dec 2012 06:41:01 -0500The malicious payload is at [donotclick]cinemaallon.ru:8080/forum/links/column.php hosted on the following familiar IPs:
From: Isidro Pierre via LinkedIn [member@linkedin.com]
Subject: RE: ASHTON - Copies of Policies.
Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.
Here is the Package and Umbrella,
and a copy of the most recent schedule.
ASHTON QUINONES,
202.180.221.186 (Gnet, Mongolia)
208.87.243.131 (Psychz Networks, US)
No comments:
Post a Comment