Dynamoo's Blog
Malware, spam, scams and random stuff, by Conrad Longmore.
Tuesday, 22 July 2014
IGPK (Integrated Cannabis Solutions Inc) pump-and-dump spam
›
There seems to be a low-volume pump-and-dump spam run promoting IGPK (Integrated Cannabis Solutions Inc) , the second recent spam I've...
Monday, 21 July 2014
Something evil on 188.120.198.1 (IP4ISP / LuckyNet, Czech Republic)
›
Here another bunch of Cushion Redirect sites closely related to this attack a few weeks ago but this time hosted on 188.120.198.1 (IP4I...
2 comments:
Friday, 18 July 2014
Something evil on 5.135.211.52 and 195.154.69.123
›
This is some sort of malware using insecure OpenX ad servers to spread. Oh wait, insecure is pretty much the default configuration for Ope...
Thursday, 17 July 2014
"Notificación de transferencia de fondos a su favor" spam
›
This Spanish-language spam has a malicious Word document as an attachment. From : HSBC Transferencias [Mexico_contacto@hsbc.com.mx]...
8 comments:
Wednesday, 16 July 2014
"You've received a new fax" / "You have a new Secure Message" spam
›
This pair of spam messages leads to a malicious ZIP file downloaded via goo.gl (and not Dropbox as the spam says) From: Fax [fax@ ...
Tuesday, 15 July 2014
Scam? thejointventuregroup.com (The Joint Venture Group) and other domains
›
This slimy proposition plopped into my spamtrap: From: Lori Henderson [info@loriwiththejointventuregroup.com] Date: 15 July 20...
Monday, 14 July 2014
"Important - Internal Only" spam
›
This spam comes with a malicious payload: Date: Mon, 14 Jul 2014 16:12:49 +0000 [12:12:49 EDT] From: Administrator [Administr...
Spam from Institute of Project Management America (instituteofprojectmanagementamerica.org)
›
I wrote about the so-called Institute of Project Management America last month along with their principals Anthony Christopher Jones (ak...
1 comment:
Scam: "CNnet Dispute Solutions Ltd" cn-network.com / cn-network.org
›
This email from a Chinese domain registrar styling itself as "CNnet Dispute Solutions Ltd" is a scam. From: james@cn-netw...
3 comments:
Thursday, 10 July 2014
"TT PAYMENT COPY" spam
›
We've seen spam like this before . It comes with a malicious attachment. Date: Thu, 10 Jul 2014 00:09:28 -0700 [03:09:28 EDT] ...
"Estado de Cuenta Datallado en Línea (Statement Datallado Online)" spam contains a Macro virus
›
This Spanish-language spam comes with a Word document containing a Macro virus. From : Banco Santander [altacuentas_cash@santander....
Wednesday, 9 July 2014
NatWest fails when it comes to basic phishing precautions - report
›
It's late, so I'll just copy-and-paste this release about a rather stupid failure by NatWest to set an SPF record for one of their...
Tuesday, 8 July 2014
Scam: "All Company Formation" (allcompanyformation.com / businessformation247.com)
›
Sometimes it isn't easy to see what a scam is, but this email hit my spamtrap advertising an outfit that can allegedly create offshore...
1 comment:
Friday, 4 July 2014
Scam: advocatesforyouths.org, Eem Moura, Tee Bello and other fake sites
›
Advocates for Youth is a legitimate campaign organisation that says that it " champions efforts to help young people make informed a...
Wednesday, 2 July 2014
Amazon Local "Order Details" spam / order_id.zip
›
This fake Amazon spam has a malicious attachment: Date: Wed, 2 Jul 2014 03:33:39 -0800 [07:33:39 EDT] From: "Amazon.com...
Tuesday, 1 July 2014
Something evil on 37.187.140.57 (OVH, France)
›
A group of Cushion Redirect sites appear to be hosted on 37.187.140.57 (OVH, France), although I cannot determine the exact payload of th...
2 comments:
‹
›
Home
View web version
