I just received a suspicious email from what looked like my brother’s email address, but actually came from “invite.coolsocialservice.com” (via the header). The message contained an invitation to “Accept” because my brother’s email address says “you’re a friend”. All sort of red flags on this one. Can anyone provide any insight into if this is a phishing attack?
Unfortunately, Avast doesn’t list the site as a malware site, and Google only has a short list of sites matching “coolsocialservice”, including this one which I don’t quite understand: https://www.virustotal.com/en/ip-address/75.126.48.171/information/
My impression is that his is a phishing attempt and clicking would lead to an infection. Here’s the link of the “accept” button (which I’ve attempted to deactivate and with my email addresses removed):
htkktp://t.critsend.com/c.r?v=4+paatgnftwayljmwkfxg4xlzkzjgm5nvsvjgmzsgp25f45t5vwljlnmrkj3guwsjnwiynmszoziwac4jagkdcnrqgiytbnbrguz5jmzripiad5gaz3q======+5355@critsend.com&u=http%3A//invites.coolsocialservice.com/signup_e.html%3Ffullname%3D%26email%3Dxxxxxxx%40yahoo.com%26invitername%3Dschwabtm%26inviterid%3D37676195%26userid%3D0%26token%3D0%26emailmasterid%3D9f22ffb8-3751-4203-b5ac-7d1902921bb2%26from%3Dxxxxxxxxx%40aol.com%26template%3Dinvite_reg_a%26src%3Dyes
Here’s a screenshot of the message in gmail (with email addresses wiped)
http://postimg.org/image/g1kldatyr/
http://postimg.org/image/g1kldatyr/