Date: Tue, 17 Sep 2013 15:28:52 +0330 [07:58:52 EDT]
Subject: FDIC: About your business account
Dear Business Customer,
We have important news regarding your financial institution.
Please View to see further details.
This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership
FDÌC Questions for FDÌC?
The FDÌC receives no Congressional appropriations - it is funded by premiums that banks and thrift institutions pay for deposit insurance coverage and from earnings on investments in U.S. Treasury securities. The FDÌC insures approximately $9 trillion of deposits in U.S. banks and thrifts - deposits in virtually every bank and thrift in the country.
Federal Insurance Company · 3501 Fairfax Drive · Arlington VA 22225 · 877-275-3342
The link goes through a legitimate hacked site and onto a malware landing page at [donotclick]www.fdic.gov.horse-mails.net/news/fdic-insurance.php which belongs to the Amerika gang and is hosted on the following IPs (the recommend blocklist is at the end of the post):
22.214.171.124 (Voxility S.R.L., Romania)
126.96.36.199 (Megalan / Mobiltel EAD, Bulgaria)
188.8.131.52 (OpWan SARL, France)
184.108.40.206 (iWeb Technologies, Canada)
220.127.116.11 (Hurricane Electric, US)
Of interest, the legitimate hacked site that is linked to tries to do some OS detection which is a new feature (pictured below)
Recommended blocklist (use in conjunction with this):