This fake NACHA spam leads to malware on bwdlpjvehrka.ddns.info:
Date: Tue, 23 Oct 2012 05:44:05 +0200
From: "noreply@direct.nacha.org"
Subject: Notification about the rejected Direct Deposit payment
Herewith we are informing you, that your most recent Direct Deposit via ACH transaction (#914555512836) was cancelled, due to your current Direct Deposit software being out of date. Please use the link below to enter the secure section of our web site and see the details::
Details
Please contact your financial institution to acquire the new version of the software.
Sincerely yours
ACH Network Rules Department
NACHA | The Electronic Payments Association
13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171
Phone: 703-561-1100 Fax: 703-787-0996
The malicious payload is at
[donotclick]bwdlpjvehrka.ddns.info/links/calls_already_stopping.php hosted on
78.24.222.16 (TheFirst-RU, Russia). Blocking this IP address would be a good move.
No comments:
Post a Comment