No, we all have.  This one is apparently different, here's a link to what
they were talking about:

http://en.wikipedia.org/wiki/Fast_flux




On Tue, May 31, 2011 at 2:57 PM, David Lum <[email protected]> wrote:

> Old news dude, I've been seeing those for about a year, maybe more. Some
> are UPS, other USPS, others FedEx.
>
> Dave
>
> -----Original Message-----
> From: Ziots, Edward [mailto:[email protected]]
> Sent: Tuesday, May 31, 2011 11:15 AM
> To: NT System Admin Issues
> Subject: Malware Heads Up targeted attacks Heads up
>
> Just seen this one today, (IE Don't click on the link)
>
> This is the known bad webpage:
> http://www.usps.com.track05.com/shipping/trackandconfirm.php?navigation=
> 1&respLang=Eng&resp=493092049503922
>
> IP Origin is: 2 IP Addresses, could be the start of a possible Fast Flux
> Domain.
> > www.usps.com.track05.com
>
> Non-authoritative answer:
> Name:    p8p.geo.mf0.yahoodns.net
> Addresses:  67.195.145.141
>          67.195.145.142
> Aliases:  www.usps.com.track05.com
>
> Hostname  p8p-a.geo.vip.sp1.yahoo.com     ISP  Yahoo
>  Continent North America     Flag
>  Country United States     Country Code US (USA)
>  Region California    Local time* 31 May 2011 11:10
>  Metropolis*  San Francisco-Oakland-San Jose     Postal Code 94089
>  City Sunnyvale     Latitude 37.4249
>  IP Address  67.195.145.141    Longitude -122.0074
>
>
>
> Dear Customer,
>
> We attempted to deliver your item at 1:37 pm on May 30, 2011 and a
> notice was left. You may arrange redelivery by clicking the link below
> or pick up the item at the Post Office indicated on the notice. If this
> item is unclaimed after 15 days then it will be returned to the sender.
>
> Label/Receipt Number: 0464 5675 5443 4424 3456
> Expected Delivery Date: May 30, 2011
> Class: Package Services
> Service(s): Delivery Confirmation
> Status: Notice Left
>
> To check on the delivery status of your mailing or arrange redelivery
> please visit our website:
> http://www.usps.com.track05.com/shipping/trackandconfirm.php?navigation=
> 1&respLang=Eng&resp=493092049503922
>
> Please make sure to print out your invoice in order to collect your
> package at our Post Office:
> http://www.usps.com.track05.com/shipping/invoice.php?navigation=1&respLa
> ng=Eng&resp=39039194833849
>
> We're here to help. Call 1-800-ASK-USPS!
>
>
> Edward E. Ziots
> CISSP, Network +, Security +
> Security Engineer
> Lifespan Organization
> Email:[email protected]
> Cell:401-639-3505
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to [email protected]
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to [email protected]
> with the body: unsubscribe ntsysadmin
>
>


-- 
David

_____________________

*"The right to be let alone – the most comprehensive of rights and the right
most valued by civilized men."*

– Supreme Court Justice Louis Brandeis, Olmstead v. U.S., 277 U.S. 438
(1928)

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

Reply via email to