Thursday, 11 October 2012

Sophos: "Your phone number may not be as private on Facebook as you think - and how to fix it"

From Sophos.. another good reason not to use Facebook. So, as well as leaking email addresses through a reverse lookup, Facebook also do...
Wednesday, 10 October 2012

Chase credit card spam / 2.cmisd.org

Another fake Chase credit card spam (like this one) , this time leading to malware on 2.cmisd.org : Date:      Wed, 10 Oct 2012 12:21:4...

LinkedIn spam / viewsonicone.ru

This fake LinkedIn spam leads to malware on viewsonicone.ru : From : messages-noreply@bounce.linkedin.com [mailto:messages-noreply@boun...

NACHA spam / formexiting.net

This fake NACHA spam leads to malware on formexiting.net : From: The Electronic Payments Association [mailto:underlining34@anbid.com.br...

Chase credit cards spam / 3.azwap.de

This fake Chase spam leads to malware on 3.azwap.de : Date :      Wed, 10 Oct 2012 11:48:49 -0300 From :      "Chase.com" [n...
1 comment:

Something evil on 96.44.139.218 / perclickbank.org

There's something evil on 96.44.139.218 (OC3 Networks, US): perclickbank.org google-analitlcs.com google-statistic.com nailart4desi...

union-trans.com employment scam

This fake job offer is for a "forwarding agent". What is a forwarding agent? Well, basically it's a parcel reshipping scam w...
Tuesday, 9 October 2012

Sprint spam / 1.starkresidential.net

This fake Sprint spam leads to malware on 1.starkresidential.net: Date:      Tue, 09 Oct 2012 22:30:56 +0300 From:      "Sprint...

"Biweekly payroll" spam / editdvsyourself.net

This fake payroll spam leads to malware on editdvsyourself.net : From: Run Do Not Reply [mailto:jutland@bmacapital.com] Sent: 09 Octob...
1 comment:
Sunday, 7 October 2012

Something evil on 5.9.188.54

Here's a nasty bunch of sites being used in injection attacks, all hosted on 5.9.188.54: nfexfkloawuqlaahsyqrxo.qlvyeviexqzrukyo.waw...
Friday, 5 October 2012

"Intuit GoPayment" spam / simplerkwiks.net

This fake "Intuit GoPayment" spam leads to malware on simplerkwiks.net : Date:      Fri, 5 Oct 2012 15:54:26 +0100 From:   ...

UPS Spam / minus.preciseenginewarehouse.com

This fake UPS spam leads to malware on minus.preciseenginewarehouse.com : From:      "UPSBillingCenter" [512A03797@songburi....
Thursday, 4 October 2012

"Corporate eFax message" spam / 184.164.136.147

These fake fax messages lead to malware on 184.164.136.147 : Date:      Thu, 04 Oct 2012 19:00:16 +0200 From:      "eFax.Alert...

Verizon Wireless spam / strangernaturallanguage.net

This fake Verizon wireless spam leads to malware on strangernaturallanguage.net : From :     AccountNotify whitheringj@spcollege.edu Da...
Wednesday, 3 October 2012

PayPal spam / lenindeads.ru

This fake PayPal spam leads to malware on lenindeads.ru : Date:      Wed, 3 Oct 2012 09:41:01 -0500 From:      "service@paypal.c...

"Corporate eFax message" spam / 69.194.194.222

This fake fax spam leads to malware on 69.194.194.222 : Date:      Wed, 03 Oct 2012 15:00:43 +0200 From:      "eFax" [4FBED2...

Malware sites to block 3/10/12

These domains and IPs relate to an emerging threat, I don't have a full analysis at the moment but they appear to be malicious. If y...
1 comment:

Something evil on 66.45.251.224/29 and 199.71.233.226

The IP address 199.71.233.226 (Netrouting, US)  and the range 66.45.251.224/29 (Interserver, US) are currently being used to distribute ...
Tuesday, 2 October 2012

Friendster spam / sonatanamore.ru

Friendster.. remember that? Before Facebook.. before Myspace.. there was Friendster. This spam email is not from Friendster though and le...
Monday, 1 October 2012

Intuit Shipment spam / art-london.net

This terminally confused Intuit / USPS / Amazon-style spam leads to malware at art-london.net : Date:      Mon, 1 Oct 2012 21:31:57 +0...