Search FraudFYI

Monday, August 10, 2015

MALWARE ALERT! MALWARE email from Parvari aka Ansari obaidul@renata-ltd.com www.al-nusrat.com +91-2020136921 +91-512267176

DO NOT OPEN THE .htm FILE ATTACHED TO THIS EMAIL!  The .htm file redirects you to http://al-nusrat.com/images/prod/w-l-belts/webmail/dhltracking/dhltracking/dhltrackinglink.htm which has been reported by multiple engines as MALICIOUS!

https://www.virustotal.com/en/url/d80de97fcad0554450d3c10c098dbdfe0035d974072d7a48423be3c4298ab7b3/analysis/1439211782/
URL Scanner     Result
BitDefender     Malware site
CRDF     Malicious site
Fortinet     Phishing site
G-Data     Malware site
Google Safebrowsing     Phishing site
Kaspersky     Phishing site
Netcraft     Malicious site
Opera     Malicious site
Sophos     Malicious site
If you have opened this file, run a full virus scan as soon as possible.  You can download free versions from safe websites such as https://www.malwarebytes.org/ and http://free.avg.com/us-en/homepage

Originating IP: 154.118.14.44
Originating ISP: Spectranet Ltd
City: Lagos
Country of Origin: Nigeria

from: Ansari <obaidul@renata-ltd.com> 
to: Recipients <obaidul@renata-ltd.com>
date: Sun, Aug 9, 2015 at 11:27 PM
subject: Shipping Document

PLEASE CONFIRM AND REVERT BACK TO US TREAT URGENT.

Best regards,
PARVARI,
Tel: (+91) 20 201 36 921
Fax: (+91 51) 226 7176

attachment; filename="Shipping Doc.htm"
In the .html code:

<meta http-equiv="REFRESH"content="url=http://al-nusrat.com/images/prod/w-l-belts/webmail/dhltracking/dhltracking/dhltrackinglink.htm">

Posted by at
Labels: ,

No comments:

Post a Comment

Thank you for commenting! Your comment will be reviewed and posted shortly!

Subscribe to: Post Comments (Atom)