Phishy Spam
Lately there has been an increased surge in spam. This past week I've received four messages that impersonate a message from Facebook. The messages are actually a Phishing attempt to sell you some drugs. They are very "facebook" like and to an unsuspecting email recipient they would likely capture a click thru. I followed through the links to find dead pharmacy links. It appears there is spam campaign to sell med's through phishing emails.
A snapshot of one of the emails is below and all of the emails had a consistent link inside the email. The links were as follows. The ultimate destinations never loaded and appear to be removed as of this writing. The pharm url's were all on the same IP block. So someone has caught up to this batch. Be vigilant and on the look out for more.
hxxp://hajayanee.com/directories.html -> hxxp://controlpills.net
hxxp://carrosserieaerni.ch/ascension.html -> hxxp://medicarerxdrugstore.com
hxxp://mallorcaso.com/postprocessor.html -> hxxp://pillpillspharmacy.net
hxxp://firstclassmotorsports.com/screeching.html -> <no response received>
Feel free to tell us about any of your phishing spam email.
--
Kevin Shortt
ISC Handler on Duty
Comments
Visi
Jun 27th 2011
1 decade ago
We could add emails as we see them, and use the same principals to block them...
/shrug
Jeff H.
Jun 27th 2011
1 decade ago
/lurk
lurk
Jun 27th 2011
1 decade ago
Source and target will be added to a blocklist.
Easy and you help others this way.
Jack
Jun 27th 2011
1 decade ago
http://www.spamcop.net/spamgraph.shtml?spammonth
Ken
Jun 27th 2011
1 decade ago
Ken
Jun 27th 2011
1 decade ago