Sponsored by..

Thursday 22 March 2012

"LinkedIn Invitation from your co-worker" spam / slickcurve.com and bluecellular.com

Another malicious fake email from LinkedIn leading to malware hosted on slickcurve.com.

Date:      Thu, 22 Mar 2012 13:35:48 +0200
From:      "Dominique Benitez" [peripherals698@linkedin.com]
Subject:      LinkedIn Invitation from your co-worker


Invitation reminders:
? From Timothy Vega (Your classmate)


? There are a total of 1 messages awaiting your response. Visit your InBox now.

Don't want to receive email notifications? Adjust your message settings.

LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. � 2010, LinkedIn Corporation.

The malware payload is on slickcurve.com/showthread.php?t=73a07bcb51f4be71 (report here) hosted on (Linode, US). Blocking that IP address will block any other malicious sites on the same server.

No comments: