Hello, Here some more of those:
hxxp://demurf.com/login.html hxxp://dexoim.com/login.html hxxp://himmdea.com/login.html hxxp://hunerim.com/login.html hxxp://jerrrood.com/login.html hxxp://jimmedy.com/login.html hxxp://jioece.com/login.html hxxp://jioeres.com/login.html hxxp://klainey.com/login.html hxxp://maginele.com/login.html hxxp://merypx.com/login.html hxxp://mietcy.com/login.html hxxp://mkeiop.com/login.html hxxp://nbiueh.com/login.html hxxp://nilesi.com/login.html hxxp://niytec.com/login.html hxxp://nnerdix.com/login.html hxxp://noiekr.com/login.html hxxp://poemils.com/login.html hxxp://ynekof.com/login.html -- Michael ----- Original Message ----- > Malware paylod at: > > noiekr .com/login.html > Definitely fast-flux - about 20 hosts > > Sent from > 75.147.175.225 > 75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net > > This is the second phish/malware I have gotten from comcastbusiness.net > hosts. Time to email the company. > > -- > Steve > Equal bytes for women. > > ---------- Forwarded message ---------- > Return-Path: <[EMAIL PROTECTED]> > Received: from > 75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net > (75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net > [75.147.175.225] (may be forged)) > by mail.pirk.com (8.14.1/8.12.0.Beta19) with ESMTP id m7SEXSVH026064 > for <[EMAIL PROTECTED]>; Thu, 28 Aug 2008 07:33:28 -0700 > Message-ID: <[EMAIL PROTECTED]> > From: "Update Department" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: Capital One Bank News - Read About the Latest updates > Date: Thu, 28 Aug 2008 13:41:16 +0000 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="----=_NextPart_000_0004_01C90922.04E4D84A" > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2720.3000 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300 > > CAPITAL ONE BANK CRITICAL UPDATE, AUGUST 28TH 2008 > > Critical Updates are intended to fix potential security risks in Business Objects of Capital One Bank. > Critical Update is available to remove unacceptable symbols from the wire submission page that is included with Capital One Bank Treasury Optimizer. > These updates are highly recommended to ensure the security of all Capital One Bank products. > > To start update follow the Verification Link>> > > Sincerely, Milo Fischer. > 2008 Capital One Services, Inc. > > _______________________________________________ > botnets@, the public's dumping ground for maliciousness > All list and server information are public and available to law enforcement upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ botnets@, the public's dumping ground for maliciousness All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets