This UPS (or is it USPS?) spam is attempting to direct visitors to a malicious web page at doofyonmycolg.ru/main.php. This looks like a variant of the Redret campaign we have seen recently.
Date: Tue, 16 Jan 2012 02:16:45 -0300
From: “UPS TEAM 121” [[email protected]]
Subject: UPS Tracking Number H4825887305
Your USPS .US for big savings! Can’t see images? CLICK HERE.
UPS UPS TEAM 477
UPS – UPS MANAGER 559 >>
Not Ready to Open an Account?
The UPS Store® can help with full service packing and shipping.
Learn More >>
UPS – Your UPS Customer Services
DEAR, [email protected]
DEAR CLIENT , Delivery Confirmation: Failed
Track your Shipment now!
With best regards , Your UPS Services.
Shipping Tracking Calculate Time & Cost Open an Account
@ 2011 United Parcel Service of America, Inc. USPS CUSTOMER SERVICES, the UPS brandmark, and the color brown are
trademarks of United Parcel Service of America, Inc. All rights reserved.
This is a marketing e-mail for UPS services. Click here to update your e-mail preferences or to unsubscribe to
Your USPS .US, 1 Glenlake Parkway, NE – Atlanta, GA 30331
Attn: Customer Communications Department
doofyonmycolg.ru is hosted on 126.96.36.199. There is another malicious site on 188.8.131.52, there may be others. This IP is allocated to HostForWeb Inc, Chicago. Blocking the IP rather than the domain may help protect against other malicious sites on the same server.
Leave a reply