More Paypal Phish
Posted by Dave Yadallee on
From - Thu May 30 05:18:32 2013
X-Account-Key: account1
X-UIDL: 00001b794f5d9180
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 May 2013 02:49:32 -0600
Received: from relais.videotron.ca ([24.201.245.36])
by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)
(envelope-from)
id 1UhyXz-0007nG-5S
for dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 02:49:31 -0600
MIME-version: 1.0
Content-type: multipart/mixed; boundary="Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)"
Received: from [192.168.1.10] ([135.19.80.127]) by VL-VM-MR001.ip.videotron.ca
(Oracle Communications Messaging Exchange Server 7u4-22.01 64bit (built Apr 21
2011)) with ESMTP id <0MNL00G6BSF88G90@VL-VM-MR001.ip.videotron.ca> for
dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 04:49:22 -0400 (EDT)
Message-id: <0MNL00GBNSHX8G90@VL-VM-MR001.ip.videotron.ca>
Subject: PayPal Service - Security Measure
To: Recipients
From: Service PayPal
Date: Thu, 30 May 2013 04:48:44 -0400
X-Spam_score: 5.0
X-Spam_score_int: 50
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: PayPal PayPal account information: Hello, We have recently
determined that differents computers are connected to your account, and spend
a lot of chess were present before the login. Therefore, your account has
been suspended. To recover your PayPal account, you'll need to update your
account information. [...]
Content analysis details: (5.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 RCVD_IN_UCE_PFSM_1 RBL: Received via a relay in UCE_PFSM_1
[24.201.245.36 listed in dnsbl-1.uceprotect.net]
2.0 RCVD_IN_SPAMCANNIBAL RBL: Received via a relay in SpamCannibal
[24.201.245.36 listed in bl.spamcannibal.org]
1.0 RCVD_IN_BACKSCATTER RBL: Received via a relay in Backscatter.org
[24.201.245.36 listed in ips.backscatterer.org]
Subject: {SPAM?} PayPal Service - Security Measure
You will not see this in a MIME-aware mail reader.
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)
MIME-version: 1.0
Content-type: text/plain; CHARSET=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
PayPal
PayPal account information:
Hello,
We have recently determined that differents computers are connected to your account,
and spend a lot of chess were present before the login.
Therefore, your account has been suspended. To recover your PayPal account, you'll need to update your account information.
It will be easy!
Download the attached and open it in a browser window secure.
Once opened, you will be provided with steps to restore your access and follow the instructions..
Sincerely,
PayPal
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)
MIME-version: 1.0
Content-type: text/html; NAME=formulaire.html; charset=iso-8859-1
Content-transfer-encoding: quoted-printable
Content-disposition: attachment; filename=formulaire.html
Donn=E9es de facturation
100%' height=3D"100%" >
=
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)--
X-Account-Key: account1
X-UIDL: 00001b794f5d9180
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 May 2013 02:49:32 -0600
Received: from relais.videotron.ca ([24.201.245.36])
by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)
(envelope-from
id 1UhyXz-0007nG-5S
for dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 02:49:31 -0600
MIME-version: 1.0
Content-type: multipart/mixed; boundary="Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)"
Received: from [192.168.1.10] ([135.19.80.127]) by VL-VM-MR001.ip.videotron.ca
(Oracle Communications Messaging Exchange Server 7u4-22.01 64bit (built Apr 21
2011)) with ESMTP id <0MNL00G6BSF88G90@VL-VM-MR001.ip.videotron.ca> for
dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 04:49:22 -0400 (EDT)
Message-id: <0MNL00GBNSHX8G90@VL-VM-MR001.ip.videotron.ca>
Subject: PayPal Service - Security Measure
To: Recipients
From: Service PayPal
Date: Thu, 30 May 2013 04:48:44 -0400
X-Spam_score: 5.0
X-Spam_score_int: 50
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: PayPal PayPal account information: Hello, We have recently
determined that differents computers are connected to your account, and spend
a lot of chess were present before the login. Therefore, your account has
been suspended. To recover your PayPal account, you'll need to update your
account information. [...]
Content analysis details: (5.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 RCVD_IN_UCE_PFSM_1 RBL: Received via a relay in UCE_PFSM_1
[24.201.245.36 listed in dnsbl-1.uceprotect.net]
2.0 RCVD_IN_SPAMCANNIBAL RBL: Received via a relay in SpamCannibal
[24.201.245.36 listed in bl.spamcannibal.org]
1.0 RCVD_IN_BACKSCATTER RBL: Received via a relay in Backscatter.org
[24.201.245.36 listed in ips.backscatterer.org]
Subject: {SPAM?} PayPal Service - Security Measure
You will not see this in a MIME-aware mail reader.
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)
MIME-version: 1.0
Content-type: text/plain; CHARSET=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
PayPal
PayPal account information:
Hello,
We have recently determined that differents computers are connected to your account,
and spend a lot of chess were present before the login.
Therefore, your account has been suspended. To recover your PayPal account, you'll need to update your account information.
It will be easy!
Download the attached and open it in a browser window secure.
Once opened, you will be provided with steps to restore your access and follow the instructions..
Sincerely,
PayPal
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)
MIME-version: 1.0
Content-type: text/html; NAME=formulaire.html; charset=iso-8859-1
Content-transfer-encoding: quoted-printable
Content-disposition: attachment; filename=formulaire.html
100%' height=3D"100%" >
=
--Boundary_(ID_fFcgTPNhCnbJ6rNLOS8J1Q)--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments