Date: Fri, 5 Apr 2013 07:57:37 +0300The .htm attachment in the email leads to malware at [donotclick]ijsiokolo.ru:8080/forum/links/column.php (report here) hosted on:
From: "Account Services ups" [upsdelivercompanyb@ups.com]
Subject: Re: End of Aug. Statement Required
Attachments: Invoice_AF146989113.htm
Good morning,
I give you inovices issued to you per Feb. (Microsoft Internet Explorer format).
Regards
DAYLE PRIEST
=================
Date: Fri, 5 Apr 2013 07:56:53 -0300
From: "Tracking" [ups-account-services@ups.com]
Subject: Re: FW: End of Aug. Stat.
Hallo,
I give you inovices issued to you per Feb. (Microsoft Internet Explorer format).
Regards
Mariano LEE
91.191.170.26 (Netdirekt, Turkey)
208.94.108.238 (Fibrenoire, Germany)
Blocklist:
91.191.170.26
208.94.108.238
ifinaksiao.ru
igionkialo.ru
ijsiokolo.ru
illuminataf.ru
imanraiodl.ru
itriopea.ru
ivanikako.ru
ixxtigang.ru
izamalok.ru
izjianokr.ru
No comments:
Post a Comment