From: USPS Quantum View [mailto:notify@usps.com]The malicious payload is at [donotclick]euronotedetector.net/detects/updated_led-concerns.php hosted on the familiar IP address of 222.238.109.66 (Hanaro Telecome, Korea) which has been used in several recent attacks.
Sent: 23 January 2013 14:33
Subject: Your USPS postage labels charge.
Acct #: 2377203
[redacted]
This is an email confirmation for your order of 5 online shipping label(s) with postage. Your credit card will be charged the following amount:
Transaction ID: #9724602
Print Date/Time: 01/21/2013 02:05 PM EST
Postage Amount: $21.80
Credit Card Number: XXXX XXXX XXXX XXXX
Overnight Mail Regional Rate Box B # 7184 5899 9548 5735 5133 (Sequence Number 1 of 1)
If you need further assistance, please log on to www.usps.com/clicknship and go to your Shipping History or visit our Frequently Asked Questions .
Refunds for unused postage-paid labels can be requested online up to 10 days after the issue date by logging on to your Click-N-Ship Account.
Thank you for choosing the United States Postal Service
Click-N-Ship: The Online Shipping Solution
Click-N-Ship has just made on line shipping with the USPS even better.
New Enhanced International Label and Customs Form: Updated Look and Easy to Use!
* * * * * * * *
This is a post-only message. Please do not respond
The following malicious domains are on the same IP:
kendallvile.com
seoseoonwe.com
alphabeticalwin.com
ehadnedrlop.com
bestwesttest.com
prepadav.com
masterseoprodnew.com
cocolspottersqwery.com
teamrobotmusic.net
shininghill.net
africanbeat.net
euronotedetector.net
No comments:
Post a Comment