Date: Thu, 20 Sep 2012 09:10:47 -0300The malicious payload (probably Blackhole 2) is at [donotclick]soisokdomen.ru:8080/forum/links/column.php hosted on the following familiar looking IP addresses:
From: Badoo [noreply@badoo.com]
Subject: Re: Fwd: Tax Payment COM1684-645 is failed.
Hello,
Your Federal Tax Payment has been rejected.
Please, check the information and refer to Code I 94 to get details about
your company payment:
http://www.eftps.gov/section794/P9367027
JACINTA Stout,
The Electronic Federal Tax Payment System
213.135.42.98
50.56.92.47
203.80.16.81
Blocking these would be prudent.
No comments:
Post a Comment