Looks like it's the turn of the IMDB to be spoofed. Same gang responsible, not surprisingly.
In this case, the link leads to;
Which redirects to;
IP PTR: Resolution failed
ASN: 197071 220.127.116.11/23 INTERWERK INTERWERK - Rotorfly Europa GmbH & Co. KG
Other domains seen on this IP (you can also keep up with them via the hpHosts website)
And I've no doubt there's more I'm not yet aware of.
The link of course, doesn't lead to secure.imdb.com, which if you're sensible and have HTML email turned off, will be immediately obvious to you. Instead, it leads to the loekieschroder.nl domain, and then to the fake meds domain.
Still trying to determine which botnet is responsible for these.
Fake meds spam spoofing Microsoft
Alert: Fake meds spam impersonating Digg