Sponsored by..

Thursday 29 November 2012

"Wire Transfer" spam / dimarikanko.ru

This fake "Wire Transfer" spam leads to spam on dimarikanko.ru:

Date:      Thu, 29 Nov 2012 06:01:55 +0700
From:      LinkedIn Connections [connections@linkedin.com]
Subject:      Re: Fwd: Wire Transfer (75631MU030)

Dear Bank Account Operator,

WIRE TRANSFER: FED675249061747420


Please REVIEW YOUR TRANSACTION as soon as possible.
The malicious payload is at [donotclick]dimarikanko.ru:8080/forum/links/column.php hosted on a bunch of familiar looking IP addresses which have been used in several recent attacks: (GNet, Mongolia) (MYREN, Malaysia) (Psychz Networks, US)

No comments: