Date: Tue, 26 Feb 2013 14:26:20 +0200The malicious payload is at [donotclick]lazaro-sosa.com/detects/queue-breaks-many_suffering.php (report here) hosted on:
From: "Facebook" [email@example.com]
Subject: Brian Parker commented your photo.
Brian Parker commented on Your photo.
Reply to this email to comment on this photo.
This message was sent to [redacted]. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
Facebook, Inc., Attention: Department 415, PO Box 10001, Palo Alto, CA 90307
18.104.22.168 (PT Telkom, Indonesia)
22.214.171.124 (AMRES, Serbia)
Blocking these IPs is probably prudent.