Date: Tue, 26 Feb 2013 14:26:20 +0200The malicious payload is at [donotclick]lazaro-sosa.com/detects/queue-breaks-many_suffering.php (report here) hosted on:
From: "Facebook" [firstname.lastname@example.org]
Subject: Brian Parker commented your photo.
Brian Parker commented on Your photo.
Reply to this email to comment on this photo.
This message was sent to [redacted]. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
Facebook, Inc., Attention: Department 415, PO Box 10001, Palo Alto, CA 90307
126.96.36.199 (PT Telkom, Indonesia)
188.8.131.52 (AMRES, Serbia)
Blocking these IPs is probably prudent.