From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of LinkedIn PasswordThe malicious payload is at [donotclick]giminalso.ru:8080/forum/links/column.php (report here) hosted on the same IPs as in this other attack today:
Sent: 08 March 2013 10:24
Subject: Aylin is now part of your network. Keep connecting...
You and Aylin are now connected.
2012, LinkedIn Corporation
220.127.116.11 (Hetzner, South Africa)
18.104.22.168 (WebhostOne, Germany)
22.214.171.124 (Supermedia, Poland)