Sponsored by..

Friday 6 July 2012

"Your Receipt and Itinerary" spam / ellomb.net

This spam leads to malware on ellomb.net:

From: Johnny Mooney [mailto:kxijgvpu@asistencia.org]
Sent: 06 July 2012 13:56
Subject: Your Receipt and Itinerary

Thank you for choosing Delta. We encourage you to review this information before your trip. If you need to contact Delta or check on your flight information, go to delta.com, call 800-221-1212 or call the number on the back of your SkyMiles© card.
Now, managing your travel plans just got easier. You can exchange, reissue and refund electronic tickets at delta.com. Take control and make changes to your itineraries at delta.com/itineraries.
Speed through the airport. Check-in online for your flight.
Flight Information
DELTA CONFIRMATION #: C1N270
TICKET #: 31894208655700
Day    Date    Flight    Status    Bkng
Class    City    Time    Meals/
Other    Seat/
Cabin
---    -----    ---------------    ------    -----    ----------------    ------    ------    -------
Sun    8 JUL    DELTA 116    OK    U    LV NYC-KENNEDY
AR SAN FRANCISCO    515P
916P    F    45A
COACH
Mon    9 JUL    DELTA 1837    OK    K    LV SAN FRANCISCO
AR NYC-KENNEDY    1230P
702A#    V    32A
COACH
Baggage and check-in requirements vary by airport and airline, so please check with the operating carrier on your ticket.
Please review Delta's check-in Requirements and baggage guidelines for details.
You must be checked in and at the gate at least 15 minutes before your scheduled departure time for travel inside the United States.
You must be checked in and at the gate at least 45 minutes before your scheduled departure time for international travel.
For tips on flying safely with laptops, cell phones, and other battery-powered devices, please visit http://SafeTravel.dot.gov.
Do you have comments about our service? Please email us to share them with us.
-----------------------------------------------------------------------------
Conditions of Carriage
Air transportation on Delta and the Delta Connection carriers is subject to Delta's conditions of carriage. They include terms governing, for example:
Limits on our liability for personal injury or death of passengers, and for loss, damage or delay of goods and baggage.
Claim restrictions, including time periods within which you must file a claim or bring an action against us
Our right to change terms of the contract
Check-in requirements and other rules establishing when we may refuse carriage
Our rights and limits of our liability for delay or failure to perform service, including schedule changes, substitution of alternative air carriers or aircraft, and rerouting
Our policy on overbooking flights, and your rights if we deny you boarding due to an oversold flight
These terms are incorporated by reference into our contract with you. You may view these conditions of carriage on delta.com, or by requesting a copy from Delta.
The malicious payload is on  [donotclick]ellomb.net/main.php?page=d502255d1a941be3 (not resolving when I tried to analyse it) hosted on 83.69.226.143 (Awax Telecom, Russia). Incidentally, 83.69.226.0/24 all looks pretty bad and is worth blocking.

No comments: