Date: Wed, 30 Jan 2013 16:16:32 +0200The link in the email goes through a legitimate hacked site (in this case [donotclick]www.edenespinosa.com/track.php?fdic) to the amusingly named [donotclick]1wstdfgh.organiccrap.com/closest/984y3fh8u3hfu3jcihei.php (report here) hosted on 126.96.36.199 (CoolVDS / Kutcevol Maksum Mukolaevichm, US) which hosts the following suspect domains that you might want to block:
From: "Тимур.Носков@fdic.gov" [firstname.lastname@example.org]
Subject: Important notice from FDIC
Due to the adoption of a new security system, that is aimed at diminishing the number of cases of fraud and scams, all your ACH and WIRE transactions will be temporarily blocked until your security version meets the new requirements.. In order to restore your ability to make transactions, you are required to install a special security software. Please use the link below to download and install all the necessary files.
We apologize for causing you troubles by this measure.
If you need any assistance, please do not hesitate to contact us.
Federal Deposit Insurance Corporation