Sponsored by..

Monday 21 January 2013

LinkedIn spam / prepadav.com

This fake LinkedIn spam leads to malware on prepadav.com:

From: LinkedIn [mailto:news@linkedin.com]
Sent: 21 January 2013 16:21
Subject: LinkedIn Reminder from your co-worker

LinkedIn
REMINDERS
Invitation reminders:
▫ From CooperWright ( Your employer)

PENDING LETTERS
• There are a total of 2 messages awaiting your action. Acces to your InBox now.
Don't wish to receive email notifications? Adjust your letters settings.
LinkedIn respect your privacy. In no circumstances has LinkedIn made your e-mail acceptable to any other LinkedIn user without your allowance. © 2013, LinkedIn Corporation.
The malicious payload is at [donotclick]prepadav.com/detects/region_applied-depending.php hosted on 222.238.109.66 (Hanaro Telecom, Korea). This IP has been used in several malware attacks recently and it should be blocked if you can.

The following malicious websites are active on this server:
seoseoonwe.com
alphabeticalwin.com
splatwetts.com
bestwesttest.com
masterseoprodnew.com
cocolspottersqwery.com
teamrobotmusic.net
vaishalihotel.net
shininghill.net
terkamerenbos.net
prepadav.com

No comments: