Suspicious email from Coolsocialservice.com

I just received a suspicious email from what looked like my brother’s email address, but actually came from “invite.coolsocialservice.com” (via the header). The message contained an invitation to “Accept” because my brother’s email address says “you’re a friend”. All sort of red flags on this one. Can anyone provide any insight into if this is a phishing attack?

Unfortunately, Avast doesn’t list the site as a malware site, and Google only has a short list of sites matching “coolsocialservice”, including this one which I don’t quite understand: https://www.virustotal.com/en/ip-address/75.126.48.171/information/

My impression is that his is a phishing attempt and clicking would lead to an infection. Here’s the link of the “accept” button (which I’ve attempted to deactivate and with my email addresses removed):
htkktp://t.critsend.com/c.r?v=4+paatgnftwayljmwkfxg4xlzkzjgm5nvsvjgmzsgp25f45t5vwljlnmrkj3guwsjnwiynmszoziwac4jagkdcnrqgiytbnbrguz5jmzripiad5gaz3q======+5355@critsend.com&u=http%3A//invites.coolsocialservice.com/signup_e.html%3Ffullname%3D%26email%3Dxxxxxxx%40yahoo.com%26invitername%3Dschwabtm%26inviterid%3D37676195%26userid%3D0%26token%3D0%26emailmasterid%3D9f22ffb8-3751-4203-b5ac-7d1902921bb2%26from%3Dxxxxxxxxx%40aol.com%26template%3Dinvite_reg_a%26src%3Dyes

Here’s a screenshot of the message in gmail (with email addresses wiped)

http://postimg.org/image/g1kldatyr/
http://postimg.org/image/g1kldatyr/

this is where the link goes … you have to scroll sideways to see the picture, and click to enlarge

https://urlquery.net/report.php?id=1430255410618

Hi Pondus,

Moreover htxp://login.flipora.com/login.jsp there is on a third party blacklist
Tracking: http://toolbar.netcraft.com/site_report?url=http://login.flipora.com
cdn.mxpnl.com JQuery alert blacklisted → https://www.virustotal.com/nl/domain/cdn.mxpnl.com/information/

polonus