The Latest in IT Security

Wire Transfer & PayPal spam / forumibiza.ru

05 Nov 2012


These two spam campaigns lead to malware on forumibiza.ru:

Date:      Mon, 5 Nov 2012 12:54:44 +0530
From:      Declan Benjamin via LinkedIn [[email protected]]
Subject:      Wire Transfer Confirmation (FED 27845UL095)

Good afternoon,

Your Wire Transfer Amount: USD 85,714.01

Wire Transfer Report: View

ELOISA STRICKLAND,

The Federal Reserve Wire Network

==============


From: [email protected] [mailto:[email protected]]
Sent: 05 November 2012 01:48
Subject: Welcome to PayPal – Choose your way to pay

Welcome
Hello [redacted],
Thanks for paying with PayPal.
We congratulate you with your first Paypal money transfer. But we have hold it for the moment because the amount is over the security borders of our rules.

Here is what we have on file for you. Take a second to confirm we have your correct information.
Email
[redacted]
Confirmation Code
5693-0930-8767-9350-6794
    Transfer Information
Amount: 27380.54 $
Reciever: Gracia Cooley
E-mail: Gage97742@[redacted].com

Accept Decline

Help Center | Security Center
Please don’t reply to this email. It’ll just confuse the computer that sent it and you won’t get a response.
Copyright 2012 PayPal, Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.
PayPal Email ID PP6118

The malicious payload in both cases is [donotclick]forumibiza.ru:8080/forum/links/column.php, hosted on the following IPs:

65.99.223.24 (RimuHosting, US)
103.6.238.9 (Universiti Putra, Malaysia)
203.80.16.81 (MYREN, Malaysia)
