Date: Thu, 13 Jun 2013 01:18:09 +0800 [13:18:09 EDT]
From: FedEx [wringsn052@emc.fedex.com]
Subject: Your Fedex invoice is ready to be paid now.
FedEx(R) FedEx Billing Online - Ready for Payment
fedex.com
Hello [redacted]
You have a new outstanding invoice(s) from FedEx that is ready for payment.
The following ivoice(s) are to be paid now :
Invoice Number
5135-13792
To pay or review these invoices, please sign in to your FedEx Billing Online account by clicking on this link: http://www.fedex.com/us/account/fbo
Note: Please do not use this email to submit payment. This email may not be used as a remittance notice. To pay your invoices, please visit FedEx Billing Online, http://www.fedex.com/us/account/fbo
Thank you,
Revenue Services
FedEx
This message has been sent by an auto responder system. Please do not reply to this message.
The content of this message is protected by copyright and trademark laws under U.S. and international law.
Review our privacy policy. All rights reserved.
The link in the email goes through a legitimate hacked site and ends up on a malware payload page at [donotclick]oxfordxtg.net/news/absence_modern-doe_byte.php (report here) hosted on:
124.42.68.12 (Langfang University, China)
190.93.23.10 (Greendot, Trinidad and Tobago)
The following partial blocklist covers these two IPs, but I recommend you also apply this larger blocklist of related sites as well.
124.42.68.12
190.93.23.10
biati.net
condalinneuwu5.ru
condalnuas34637.ru
condalnuashyochetto.ru
cunitarsiksepj.ru
eheranskietpj.ru
ejoingrespubldpl.ru
gnunirotniviepj.ru
gstoryofmygame.ru
icensol.net
janefgort.net
jetaqua.com
klosotro9.net
mortolkr4.com
myhispress.com
nipiel.com
onlinedatingblueprint.net
oxfordxtg.net
oydahrenlitutskazata.ru
pnpnews.net
smartsecurityapp2013.com
trleaart.net
twintrade.net
usforclosedhomes.net
No comments:
Post a Comment