Sponsored by..

Thursday 19 April 2012

LinkedIn Spam / springrheumatology.net

Another LinkedIn spam run leading to malware, this time on springrheumatology.net

Date:      Thu, 19 Apr 2012 19:34:55 +0100
From:      "Callie Holland" [donor@linkedin.com]
Subject:      LinkedIn Invitation from your co-worker


LinkedIn
REMINDERS

Invitation notifications:
? From Patrick Mcdaniel (Your co-worker)


PENDING MESSAGES

? There are a total of 2 messages awaiting your response. Visit your InBox now.

Don't want to receive email notifications? Adjust your message settings.

LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. � 2010, LinkedIn Corporation.

=========================

Date:      Thu, 19 Apr 2012 14:57:47 -0300
From:      "Jane Gaston" [lulu9@linkedin.com]
Subject:      LinkedIn Reminder


LinkedIn
REMINDERS

Invitation reminders:
? From Solomon Goff (Your Colleague)


PENDING MESSAGES

? There are a total of 2 messages awaiting your response. Visit your InBox now.

Don't want to receive email notifications? Adjust your message settings.

LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. � 2010, LinkedIn Corporation.

The malicious payload is at springrheumatology.net/main.php?page=9e32768587b0d9a8 (report here) hosted on the familiar IP address of 41.64.21.71 in Egypt, a very good IP address to block.

No comments: