Date: Tue, 10 Jul 2012 13:49:59 -0300
From: “LinkedIn Communication” [[email protected]]
Subject: New Payment through the Intuit network.
Incoming payment received: You received $840.00 from Parks LLC for invoice 53389
You can access the payment details here.
Funds will be transferred in your bank account.
You now have the opportunity to get paid by Credit Card on your invoices. To learn more please sign in to your IPN account and click on the ‘Profile’ tab on the left.
The malicious payload is on [donotclick]thaidescribed.com/main.php?page=8cb1f95c85bce71b (report here) hosted on 18.104.22.168 (Universite Libre de Bruxelles, Belgium). The malicious IPs and domains associated with this attack can also be found here, but you should probably block the following:
Leave a reply