08: Received: from mail.com (209-181-158-196.omah.qwest.net [209.181.158.196])
09: by mx.gmail.com with SMTP ID: [ID filtered]
10: Fri, 15 Sep 2006 xx:xx:xx -0700 (PDT)
11: Received-SPF: neutral (gmail.com: 209.181.158.196 is neither permitted nor denied by
12: best guess record for domain of poor [at] spamvictim.tld)
13: Message-ID: [ID filtered]
14: From: <accounts [at] westernunion.com>
15: Subject: Western Union - PLEASE UPDATE INFORMATION
16: Date: Fri, 15 Sep 2006 xx:xx:xx -0500
17: MIME-Version: 1.0
18: Content-Type: text/html;
19: charset="Windows-1251"
20: Content-Transfer-Encoding: 7bit
21: X-Priority: 3
22: X-MSMail-Priority: Normal
23: X-Mailer: Microsoft Outlook Express 6.00.2600.0000
24: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Dear Western Union Member,
Thank you for using online montey transfer servives with Western Union. We'd like to take this opportunity to welcome you into the Western Union family of services. We're looking forward to assisting you with your money transfer needs now and in the future.
Although, due to your recent account activity, your information needs to be updated and verified so that we can confirm that only you confirm your account, so further confirmations of your identity won't be needed. Please take a moment to verify this information here, at Western Union's update login page.
whois:
[Link nur für registrierte Mitglieder sichtbar. ]
Visit us at whois:
[Link nur für registrierte Mitglieder sichtbar. ] to:
* Send money
* Check the status of your order
* Search over 225,000 worldwide locations to find an Agent near you
* Learn about other Western Union services
We are continually improving our web site to better serve you. Be sure to check back with whois:
[Link nur für registrierte Mitglieder sichtbar. ] in the future as we add exciting new services to meet your financial needs.
Thank you for using westernunion.com!
Geändert von Gool (20.09.2006 um 16:53 Uhr)
Grund: WHOIS-Tags gesetzt
Please take a moment to verify this information here, at Western Union's update login page.
Bist Du Dir sicher, den richtigen Spamlink angegeben zu haben? Auch wenn dieser Link nicht existiert (und bei HTTPS zu einem Zertifikatsfehler führt), ist das durchaus die Domain von Western Union.
Muss nicht unbedingt Western Union Phishing sein, kann auch sein, dass hier ein Mugu wieder Mailkonten abphishen will:
header:
01: Received: from unknown (EHLO mail.csweb.net) [12.69.180.2]
02: by mx0.gmx.net (mx108) with SMTP; 22 Aug 2011 xx:xx:xx +0200
03: Received: from [64.19.23.122] by mail.csweb.net [192.168.1.12] with
04: SmartMax MailMax for xxxxx; Mon, 22 Aug 2011 xx:xx:xx -0500
05: X-SmartMax-AuthUser: joanna
This is a service email from Western Union.
Account Action Required: Please Update Your Profile whois:
[Link nur für registrierte Mitglieder sichtbar. ]
Western Union Communications - Your Action Is Necessary!
Dear member,
All of us at Western Union wanted to share some great news with you.
As a valued customer, we would like to contact you occasionally about
service
improvements, loyalty program benefits, discounts, and promotions. We
have made
improvements to our customer database, and in order for us to send
what's most
relevant to you we need to update our records to confirm you have given us
permission to receive future marketing and promotional communications from
Western Union. No action is necessary if you wish to continue to receive
marketing or promotional communications, however if you choose to not
receive
(opt-out of) future communications, please update your profile whois:
[Link nur für registrierte Mitglieder sichtbar. ]
by
August 10, 2011. This will help ensure that you get the information you
want
while reducing inbox clutter at the same time.
If you haven't updated your profile click HERE whois:
[Link nur für registrierte Mitglieder sichtbar. ].
We appreciate your time in helping us provide you the best service we can.
Sincerely,
Your Western Union Team
Please read the Western Union Privacy Policy whois:
[Link nur für registrierte Mitglieder sichtbar. ]
to
learn more about our privacy practices. You will always have the ability to
opt-out at any time in the future. Note: Your personal information
provided for
the services requested are not subject to your choice and may be shared to
fulfill our service obligations or as required or permitted by law.
If you suspect any email may be fraudulent, type www.westernunion.com whois:
[Link nur für registrierte Mitglieder sichtbar. ]
into your web browser to send money.
Western Union Financial Service, Inc. whois:
[Link nur für registrierte Mitglieder sichtbar. ]
PO
Box 4430 Bridgeton, MO 63044
mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....
Ausserdem fordere ich die Abschaffung aller Affiliate-Programme, da mir bis heute niemand ein 100 % seriöses Affiliate-Programm benennen konnte.
03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: for xxxxx; Wed, 14 Dec 2011 xx:xx:xx +0100 (CET)
05: Received: from User ([204.93.169.113]) by bravetours.com with MailEnable
06: ESMTP; Tue, 13 Dec 2011 xx:xx:xx +0200
IP: 204.93.169.113 ---> unknown.ord.scnet.net
Western Union Logo
Western Union
*Dear Extreme Members:*
You have received this email because your account was accessed in a
different
location. For security reasons, we are required to open an investigation
into
this matter. We recently notified you through online message centre but
you did
not take action. This message serves as last reminder. To re-activate your
account, you are advised to follow the procedures below.
1. Click whois:
[Link nur für registrierte Mitglieder sichtbar. ] whois:
[Link nur für registrierte Mitglieder sichtbar. ]
2. Update Your Personal Information.
The update process is completed and your account will be activated
immediately.
Do not forget to sign off when you are done.
Thanks for helping us to serve you better.
Western Union® Online <www> Security Plus Our commitment .
Und das mit der Rechtschreibung muss Phiski auch noch mal üben...
mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....
Ausserdem fordere ich die Abschaffung aller Affiliate-Programme, da mir bis heute niemand ein 100 % seriöses Affiliate-Programm benennen konnte.
01: Received: from uksbs01.ukhq.local (host81-138-151-46.in-addr.btopenworld.com
02: [81.138.151.46])
03: by x (Postfix) with ESMTP ID: [ID filtered]
04: for <x>; Thu, 3 May 2012 xx:xx:xx +0200 (CEST)
05: Received: from USER ([94.242.219.26]) by uksbs01.ukhq.local with Microsoft
06: SMTPSVC(6.0.3790.4675);
07: Thu, 3 May 2012 xx:xx:xx +0100
whois:
[Link nur für registrierte Mitglieder sichtbar. ]
[html]<span class="btnContinueFX"><a href="javascript:refreshSigninServerErrors();refreshCaptchaSubmit();submitMyProf ile();"><span class="forcebtnContinue_text" style="text-transform:none">
Sign In
</span>[/html]
Phishing via JavaScript - da weiß man was man hat mit Firefox und NoScript (außer tausend Abstürzen seit Version 12 )...
Zitat von Scammy
Dear Western Union valued customer,
You received this email as a notice for the database update for this month. This update is designed by our IT engineers to provide higher security to our customers online accounts, prevent unauthorized account access and other types of online fraud.
You are required to update your online profile by clicking on the following link:
Click here to access your online profile
Please note that this a one-time task that will take only 3-5 minutes of your precious time. However, failure in updating your profile will result in limiting your account access. We appologize for any inconvenience.
Thank you,
George H. Scott,
IT Assistant,
Western Union.
Villains who twirl their mustaches are easy to spot.
Those who cloak themselves in good deeds are well camouflaged.
Ist aber schon tot. Anscheinend kann man da beliebige Subdomains einrichten.
mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....
Ausserdem fordere ich die Abschaffung aller Affiliate-Programme, da mir bis heute niemand ein 100 % seriöses Affiliate-Programm benennen konnte.
Western Union Spam, schade nur dass es der Spam-Filter nicht herausgefischt hat
Hallo,
heute hier aufgeschlagen:
ttn:Beneficiary,
we wish to inform you that your name was listed as one of the scammed victims approved for western union compensation refunds of $10,000 daily, we shall pay you $10,000 daily till payment is effected completely.
Reconfirm your receivers information
Name:
Address
Location:
City:
State:
Country
Phone:
we await your immediate update
Regards,
John Brown.
Denkt der ,ich bin so dusselig und gebe ihm alle meine Daten ?
header:
01: Return-Path: [schnipp]@web.de
02: Delivered-To: GMX delivery to [schnapp]@gmx.de
15: Received: from User (adsl-074-239-178-178.sip.gsp.bellsouth.net
16: [74.239.178.178])
17: (Authenticated sender: admin)
18: by mycloud-hk.com (Postfix) with ESMTPA ID: [ID filtered]
19: Wed, 11 Jul 2012 xx:xx:xx +0800 (CST)
20: Reply-To: <jb5050 [at] rediffmail.com>
21: From: "Western union compensation®"<compensation505 [at] westernunion.com>
Offensichtlich über Brutforce-Attacke bei GMX abgeladen.
Gruss
Isenaecher
Geändert von Mittwoch (12.07.2012 um 18:52 Uhr)
Grund: Maladressen im Header entfernt, da nicht ausgeschlossen werden kann, dass diese unbeteiligten Dritten gehören
Alleine das reicht mir schon: das ist kein Phisher, sondern ein Mugu. Dazu kommt dann noch Rediffmail, ein typischer Mugu-Freemailer aus Indien.
mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....
Ausserdem fordere ich die Abschaffung aller Affiliate-Programme, da mir bis heute niemand ein 100 % seriöses Affiliate-Programm benennen konnte.
Lesezeichen