From: LinkedIn [mailto:firstname.lastname@example.org]The malicious payload is at [donotclick]prepadav.com/detects/region_applied-depending.php hosted on 22.214.171.124 (Hanaro Telecom, Korea). This IP has been used in several malware attacks recently and it should be blocked if you can.
Sent: 21 January 2013 16:21
Subject: LinkedIn Reminder from your co-worker
▫ From CooperWright ( Your employer)
• There are a total of 2 messages awaiting your action. Acces to your InBox now.
Don't wish to receive email notifications? Adjust your letters settings.
LinkedIn respect your privacy. In no circumstances has LinkedIn made your e-mail acceptable to any other LinkedIn user without your allowance. © 2013, LinkedIn Corporation.
The following malicious websites are active on this server: