From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of LinkedIn PasswordThe malicious payload is at [donotclick]giminalso.ru:8080/forum/links/column.php (report here) hosted on the same IPs as in this other attack today:
Sent: 08 March 2013 10:24
Subject: Aylin is now part of your network. Keep connecting...
You and Aylin are now connected.
2012, LinkedIn Corporation
126.96.36.199 (Hetzner, South Africa)
188.8.131.52 (WebhostOne, Germany)
184.108.40.206 (Supermedia, Poland)