This spam leads to malware on
kendallvile.com:
From: batchservice@eftps.net [batchservice@eftps.net]
Date: 22 January 2013 17:56
Subject: Batch Payment File Reversed
=== PLEASE NOT REPLY TO THIS MESSAGE===
[redacted]
This notification was mailed to inform you that your payment file has Reversed. 2013-01-21-9.56.22.496135
Detailed information is accessible by sign into the Batch Provider with this link.
--
With Best Regards,
EFTPS
Contact Us: EFTPS Batch Provider Customer Service
This leads to an exploit kit on
[donotclick]kendallvile.com/detects/exceptions_authority_distance_disturbing.php (
report here) hosted on the very familiar IP address of
222.238.109.66 (Hanaro Telecom, Korea) which should be blocked if you can.
No comments:
Post a Comment