Spam season continues with this fake "contract" email with a link that leads to a malicious payload on coredret.ru/main.php.Date: Thu, 8 Dec 2011 01:58:25 +0700
From: "Daisy Newby" [CadenHolmgren@hanmail.net]
Subject: Your new contract
As we arranged the day before yesterday in the in your place we've got the contract ready, plase study it carefully and let us know whether you accept all the issues.
We've attached the copy of the contract below
Contract.doc 36kb
Best Wishes
Daisy Newby
Fingerprint: bfe69dcc-ccc03723
coredret.ru is hosted on 91.195.11.41 (UkrStar ISP, Ukraine). 91.195.10.0/23 is very sparsely populated, so blocking access to it should cause no problems.
No comments:
Post a Comment