Malware alert, fake Google message

Garreg Ddu

Gweinyddwr
Staff member
The link in this email leads to a "PHP" file on the infected site, which attempts to download a Trojan, "JS:Redirector-BZS"

PLEASE DO NOT CLICK ON THE LINK

==========================================

Authentication-Results: spf=none (sender IP is 81.169.201.219)Received: from mail.futuremedia-computer.de ([81.169.201.219]) by COL004-MC5F28.hotmail.com

Origin IP Address = 81.169.201.219 = Strato Rechenzentrum, Germany, Berlin, Berlin


To: ***************
Date: Fri, 3 Mar 2017 23:03:44 +0000
Subject: Returned email message ****************
From: GoogleTeam <drmosinee@mail2persephone.com>
Return-Path: drmosinee@mail2persephone.com
CMM-sender-ip: 81.169.201.219
CMM-sending-ip: 81.169.201.219
CMM-Authentication-Results: hotmail.com; spf=none (sender IP is
81.169.201.219) smtp.mailfrom=drmosinee@mail2persephone.com; dkim=none
header.d=mail2persephone.com; x-hmca=none
header.id=drmosinee@mail2persephone.com
SenderIP:81.169.201.219;WIMS-SPF:mail2persephone%2ecom;WIMS-

Anna Ali (Google Team) has sent you a message:

3/03/2017
Returned email message.

Learn more ..... The link leads to a site "shanediesel.com" which has an infected file, serviceable.php


Don't want occasional updates about Google activity? Change what email Google Team sends you.
 
Top