Another US Airways spam leading to malware on a Directspace IP (174.140.171.117)
Date: Thu, 5 Apr 2012 18:54:19 +0700The malicious payload is on 174.140.171.117 (report here) hosted by Directspace in the US. This is the third time in recent days that Directspace have hosted such a site in this range, the others were 174.140.171.173 (here) and 174.140.166.138 (here).
From: “US Airways – Reservations” [[email protected]]
Subject: US Airways online check-in.
You have to check in from 24 hours and up to 60 minutes before your flight (2 hours if you’re flying internationally). After that, all you need to do is print your boarding pass and go to the gate.
Confirmation code: 610235
Check-in online: Online reservation details
Flight
5266
Departure city and time
Washington, DC (DCA) 10:00PM
Depart date: 4/5/2012
We are committed to protecting your privacy. Your information is kept private and confidential. For information about our privacy policy visit usairways.com.
US Airways, 111 W. Rio Salado Pkwy, Tempe, AZ 85281 , Copyright US Airways , All rights reserved.
Leave a reply
