Sponsored by..

Wednesday, 11 July 2012

UPS Spam / proamd-inc.com

This UPS spam leads to malware on proamd-inc.com:

Date:      Tue, 10 Jul 2012 20:34:41 +0200
From:      "Vernon Wade" [USPS_Shipping_Services@usps.com]
Subject:      Your UPS invoices are ready for download.


   
This is an automatically generated email Please do not reply to this email address.

Dear UPS Customer,

New invoice(invoices) are available for download in UPS billing center. Do not forget that your UPS invoices should be paid within 28 days so as not to incur any additional charges.



Please surf to the UPS Billing Center to view and pay your invoice.



Find out more about UPS:
Visit ups.com
Explore UPS Freight Services
Learn About UPS Companies
Sign Up For Additional Email From UPS
Read our official blog

(c) 2012 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.

This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.
Privacy Policy
Contact UPS

==========


Date:      Tue, 10 Jul 2012 19:20:05 +0330
From:      "Don Reyes" [USPS_Shipping_Services@usps.com]
Subject:      Please download and pay your UPS delivery charges.


   
This is an automatically generated email Please do not reply to this email address.

Dear UPS Customer,

New invoice(invoices) are available for viewing in UPS billing center. Do not forget that your UPS invoices should be paid within 28 days to avoid any additional charges.



Please visit the UPS Billing Center to view and pay your invoice.



Find out more about UPS:
Visit ups.com
Explore UPS Freight Services
Learn About UPS Companies
Sign Up For Additional Email From UPS
Read our official blog

(c) 2012 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.

This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.
Privacy Policy
Contact UPS

==========

From: Miguel Segura [mailto:USPS_Shipping_Services@usps.com]
Sent: 10 July 2012 16:47
Subject: You have outstanding UPS invoices.



   
This is an automatically generated email Please do not reply to this email address.

Valued UPS Customer,
  New invoice(invoices) are available for download in UPS billing center. Please note that your UPS invoices should be paid within 21 days so as not to incur any additional charges.

Please visit the UPS Billing Center to view and pay your invoice.



________________________________________
Find out more about UPS:
Visit ups.com
Explore UPS Freight Services
Learn About UPS Companies
Sign Up For Additional Email From UPS
Read Compass Online


________________________________________
(c) 2012 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.

This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.
Privacy Policy
Contact UPS
The malicious payload is at [donotclick]proamd-inc.com/main.php?page=8cb1f95c85bce71b (report here) hosted on 164.15.250.148 (Universite Libre de Bruxelles, Belgium).

The following domains and IPs are also involved in this attack and should be blocked:
afriget.net
fonografs.net
proamd-inc.com
thaidescribed.com
80.77.87.185
164.15.250.148
200.184.213.131

No comments: