Sponsored by..

Monday, 15 July 2013

UPS spam / tvblips.net

This fake UPS spam leads to malware on tvblips.net:


Date:      Mon, 15 Jul 2013 10:20:13 -0500
From:     
Subject:      Your UPS Invoice is Ready

   
This is an automatically generated email. Please do not reply to this email address.

Dear UPS Customer,

Thank you for your business.

New invoice(s) are available for the consolidated payment plan(s) / account(s) enrolled in the UPS Billing Center.

Please visit the UPS Billing Center to view and pay your invoice.



Questions about your charges? To get a better understanding of surcharges on your invoice, click here.


Discover more about UPS:
Visit ups.com
Explore UPS Freight Services
Learn About UPS Companies
Sign Up For Additional Email From UPS
Read Compass Online

� 2013 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.

This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.
Privacy Policy
Contact UPS

The link in the email goes to a legitimate hacked site that has some highly obfuscated javascript that leads to a malware landing page on [donotclick]tvblips.net/news/ups-information.php (report here) hosted on:


46.45.182.27 (Radore Veri Merkezi Hizmetleri, Turkey)
209.222.67.251 (Razor Inc, US)

Recommended blocklist:
46.45.182.27
209.222.67.251
allgstat.ru
americanexpress.com.krasalco.com
astarts.ru
autorize.net.models-and-kits.net
beachfiretald.com
beatenunwield.com
bnamecorni.com
brandeddepend.com
centow.ru
clik-kids.com
condalnua745746.ru
cpa.state.tx.us.tax-returns.mattwaltererie.net
datapadsinthi.net
ehnihenransivuennd.net
eliroots.ru
ensutringscal.net
estateandpropertty.com
filmstripstyl.com
fulty.net
gcoordinatind.com
gebelikokulu.net
gentonoesleep.com
getstatsp.ru
gondamtvibnejnepl.net
hdmltextvoice.net
hingpressplay.net
irs.gov.tax-refunds.ach.treehouse-dreams.net
jonkrut.ru
linkedin.com-update-report.taltondark.net
magiklovsterd.net
mattwaltererie.net
microsoftnotification.net
nvufvwieg.com
offeringshowt.com
oupwareplanets.su
privat-tor-service.com
quipbox.com
relationshipa.com
relectsdispla.net
sendkick.com
streetgreenlj.com
tax-returns.gov.cpa.state.us.gebelikokulu.net
toetotoetimef.net
tor-connect-secure.com
treehouse-dreams.net
tstatbox.ru
tvblips.net
vip-proxy-to-tor.com
zestrecommend.com


No comments: