This fake Facebook spam leads to malware on Most recent events on
attachedsignup.pro:
Date: Tue, 4 Dec 2012 15:19:16 +0100
From: " Facebook Security Team" [fractionallyb9@hendrickauto.com]
Subject: Most recent events on Facebook
facebook
Hi [redacted],
You have closed your Facebook account. You can rebuild your account whenever you wish by logging into Facebook using your current login email address and password. Subsequently you will be able to take advantage of the site as usually.
Please use the link below to reactivate :
http://www.facebook.com/home.php
If this was you, please pass over this informer. If this wasn't you, please secure your account, as some outlaw person may be explore it.
Best regards, The FaceBook Team
Please note: Facebook will never ask for your personal data through email.
This message was sent to [redacted] from your profile details. Facebook, Inc., Attention: Department 437, PO Box 20000, Palo Alto, CA 96906
The malicious payload is at
[donotclick]attachedsignup.pro/detects/links-neck.php (
report here) hosted on
41.215.225.202 (Essar Wireless Kenya Ltd) which also hosts the probably malicious domain
sessionid0147239047829578349578239077.pl
No comments:
Post a Comment