Sponsored by..

Wednesday 24 October 2012

Wire Transfer spam / ponowseniks.ru

This fake wire transfer spam leads to malware on ponowseniks.ru:

Date:      Wed, 24 Oct 2012 04:26:12 -0500
From:      FedEx [info@emails.fedex.com]
Subject:      Re: Fwd: Wire Transfer Confirmation (FED REFERENCE 9649AA02)
Attachments:     Report_Trans99252.htm

Dear Bank Operator,

WIRE TRANSFER: FEDW-30126495944197210


You can find details in the attached file.(Internet Explorer format)
The .htm attachment attempts to redirect the user to a malicious page at [donotclick]ponowseniks.ru:8080/forum/links/column.php  hosted on some familar IP addresses: (President of French Polynesia) (MYREN, Malaysia) (eNet, US)

No comments: