Here is a phish that popped up last week. It was sent from Salesforce servers and links to a Facebook page. The payload page on Facebook was taken down before I was able to view it so I do not know what the payload was. Note the urgency the phisher tries to create in order to get the victim to click the link immediately.
