Sponsored by..

Wednesday 14 December 2011

NACHA Spam / financeportal.sytes.net

More NACHA spam this morning, this time the payload is at financeportal.sytes.net/main.php?page=111d937ec38dd17e on Blocking the IP address rather than the domain is probably best as there may be other malicious sites on that server. is on Directspace LLC in Oregon who seem to have a significant problem with malware at the moment, I have seen malicious sites on:

You might want to consider blocking Directspace LLC more widely if you are worried.

No comments: