This fake PayPal spam leads to malware at adnroidsoft.net.Date: Mon, 4 Jun 2012 10:43:57 -0400
From: "PayPal" [notify@paypal.com]
Subject: Your Paypal Ebay.com payment.
Transaction ID: 73013749
Hello -----------,
You sent a payment of $950.48 USD to Quentin Cotton
Thanks for using PayPal. To see all the transaction details, Log In to your PayPal account.
It may take a few moments for this transaction to appear in your account.
Seller
Carroll.Dickinson@yahoo.com Note to seller
You haven't included a note.
Shipping address - confirmed
4787 Hyde Rd
Manlius
United States
Shipping details
The seller hasn't provided any shipping details yet.
Description Unit price Qty Amount
1927 Supermarine S.5 & Gloster seaplane Schneider Trophy Race Photograph
Item# 059770363
$950.48 USD 23 $950.48 USD
Shipping and handling $0.00 USD
Insurance - not offered ----
Total $950.48 USD
Payment $950.48 USD
Issues with this transaction?
You have 45 days from the date of the transaction to open a dispute in the Resolution Center.
Questions? Go to the Help Center at: www.paypal.com/help.
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click Help in the top right corner of any PayPal page.
You can receive plain text emails instead of HTML emails. To change your Notifications preferences, log in to your account, go to your Profile, and click My settings.
PayPal Email ID PP303
The link in the email goes to a malicious payload at [donotclick]adnroidsoft.net/main.php?page=017f3bb5c2be6a41 (report here) hosted on 120.197.89.124 (China Mobile Communications Corporation). Unless you do business with China, you might want to consider blocking 120.192.0.0/11 to be on the safe side.
Other sites on the same IP which may also be malicious are:
bestcompdefence.net
lifelovework.net
No comments:
Post a Comment