Archiv verlassen und diese Seite im Standarddesign anzeigen : RESERVE (angeblich Citibank)

02.10.2004, 15:27
Return-Path: <support [at] citibank.com>
Delivered-To: poor [at] spamvictim.tld
Received: (qmail 18174 invoked from network); 2 Oct 2004 xx:xx:xx +0200
Received: from unknown (HELO (
by mail2.dnsg.net with SMTP; 2 Oct 2004 xx:xx:xx +0200
Received: from by; Sat, 02 Oct 2004 xx:xx:xx -0100
Message-ID: [ID filtered]
From: "Customer Support" <support [at] citibank.com>
Reply-To: "Customer Support" <support [at] citibank.com>
To: poor [at] spamvictim.tld
Subject: RESERVE
Date: Sat, 02 Oct 2004 xx:xx:xx +0300
X-Mailer: Mailer service 9.0
MIME-Version: 1.0
Content-Type: multipart/alternative;
X-Priority: 3
X-MSMail-Priority: Normal
Dear Customer: Recently there have been a large number of cyber attacks pointing our database servers. In order to safeguard your account, we require you to sign on immediately. This personal check is requested of you as a precautionary measure and to ensure yourselves that everything is normal with your balance and personal information. This process is mandatory, and if you dID: [ID filtered]
Selten so eine miserable Fälschung gesehen - und dann erhielt ich sie noch unter einem falschen Namen...
Genau so, wie oben ersichtlich, kam der Text an. http://img.homepagemodules.de/grin.gifhttp://img.homepagemodules.de/grin.gifhttp://img.homepagemodules.de/grin.gif

02.10.2004, 18:21
allemalachn :
aus dem HTML-Code der Seite
<form name="Citidetails" method="post" runat="vdaemon" action="process.php"><input type="hidden" name="PHPSESSID" value="bfcba5eba8ad420987a5f2e336923c8d" />
. <a href=file:///F</a>]file:///F|scam/scripts2/scripts/so.gif"http://img.homepagemodules.de/rolling_eyes.gif width="62" height="15">

02.10.2004, 18:35
Muahahahaha. Scam ausm Baukasten vermutlich... ohgottschmerztdas :D
"Africans, we count people first while money and other material things come after." -- Ann, 419 scammer
Spammer, go to http://www.arghcor.de/