Date: Tue, 09 Oct 2012 22:30:56 +0300
From: "Sprint" [87A816934@uacvt.org.au]
Subject: Your Sprint bill online
Please do not reply to this email. Not seeing the images? View online or go mobile.
Bill Period: September 10 - October 9, 2012
Total Due by October 9 $5207
Note: All online payments are made in a secure environment.
SPRINT NEWS AND NOTICES
This section contains important updates about your Sprint Services, Including Service or Rate Changes, Promotions and Offers.
NEXTEL PRODUCTS: IMPORTANT MESSAGE
Due to the Nextel National Network shutdown on 6/30/13, any Nextel devices sold after 6/1/12 are intended to support existing customers' migration efforts and no minimum Order Terms will apply.
© 2012 Sprint. All rights reserved.
The malicious payload is at [donotclick]1.starkresidential.net/links/assure_numb_engineers.php hosted on 74.207.233.58 (Linode, US).
The following malicious sites are also on the same server:
25.allservicemovingandstorage.com
1.browncastro.com
1.browncastro.net
In all cases, these appear to be malicious subdomains of legitimate hacked domains. If you can, you should block traffic to 74.207.233.58 to stop other malicious sites on the same server from being a problem.
No comments:
Post a Comment