Dynamoo's Blog

[Via the WeAreSpammers blog] I've never heard of fab.com before, but online comments are very negative .  Originating IP is 65.39.2...

This fake Citibank email has a malicious attachment: Date:      Mon, 27 May 2013 23:25:06 +0530 [13:55:06 EDT] From:      Millard Hint...

This fake Chase "Incoming Wire Transfer" email has a malicious attachment. Date:      Fri, 24 May 2013 09:18:23 -0500 [10:18:...

Everything that this spammer says is a lie: From :     Emily Norton [emily.norton@prospectdirect.org] To :     [redacted] Date :     21...

The file Delivery_Information_ID-000512430489234.zip is being promoted by a spam run (perhaps aimed at Italian users, although all the ho...

50.116.28.24 (Linode, US) is hosting the callback servers for some Mac malware as mentioned here and here plus some other suspect sites....

This fake Newegg.com spam leads to malware: Date:      Fri, 17 May 2013 10:29:20 -0600 [12:29:20 EDT] From:      Newegg [info@newegg.c...

This spam comes from a hacked AOL email account and leads to malware on 62.76.190.11 : From: [AOL sender] Sent: 17 May 2013 14:12 To: [...

This fake Wells Fargo message contains a malicious attachment: Date:      Thu, 16 May 2013 23:24:38 +0800 [11:24:38 EDT] From:      ...

Another variant of this spam is doing the rounds, this time leading to a landing page on virgin-altantic.net : From: Wallmart.com [mai...

This fake Walmart spam leads to malware on bestunallowable.com: From:     Wallmart.com [deviledm978@news.wallmart.com] Date:     16 Ma...

This fake HMRC (UK tax authority) spam contains a malicious attachment: From: noreply@hmrc.gov.uk [mailto:noreply@hmrc.gov.uk] Sent: 1...

This fake invoice email contains a malicious attachment: Date:      Thu, 16 May 2013 00:27:41 -0500 [01:27:41 EDT] From:      Karen Pa...

This fake ADP spam leads to malware on outlookexpres.net : Date:      Wed, 15 May 2013 22:39:26 +0400 From:      "donotreply@adp....

184.95.51.123 (Secured Servers LLC, US / Jolly Works Hosting, Philippines) appears to be trying to serve the Blackhole Exploit kit throug...

This fake Facebook spam leads to malware on otophone.net : Date:      Tue, 14 May 2013 15:29:24 -0500 [05/14/13 16:29:24 EDT] From:   ...

I'm not entirely sure what this is, I think it's an injection attack leading to a malware server on 94.242.198.16 (Root SA, Luxe...

This fake Bank of America message has a malicious Word document attached: Date:      Tue, 14 May 2013 10:16:05 +0500 [01:16:05 EDT] Su...

This fake Amex email has a malicious attachment: Date:      Tue, 14 May 2013 01:34:36 +0600 [15:34:36 EDT] From:      American Express...

188.241.86.33 (Megahost, Romania) is a malware server currently involved in injection attacks, serving up the Blackhole exploit kit, Zbot...