corlis
30.09.2005, 18:05
Heute bei mir eingeschlagen:
From - Fri Sep 30 xx:xx:xx 2005
X-UIDL: [UID filtered]
X-Mozilla-Status: 1001
X-Mozilla-Status2: 00000000
Received: from [200.75.31.235] (helo=mail.via.cl)
by mx23.web.de with esmtp (WEB.DE 4.105 #297)
ID: [ID filtered]
for poor [at] spamvictim.tld; Wed, 28 Sep 2005 xx:xx:xx +0200
Received: by mail.via.cl (Postfix, from userID: [ID filtered]
ID: [ID filtered]
To: poor [at] spamvictim.tld
Subject: PayPal Notice: ( Your Account Has Been Suspended. )
Message-ID: [ID filtered]
From: <support [at] paypal.com>
Content-Type: text/html
Date: Wed, 28 Sep 2005 xx:xx:xx -0400 (CLT)
Sender: mcortes [at] via.cl
Inhalt:
Erstmal ein Paypal-Logo
http://images.paypal.com/en_US/i/logo/email_logo.gif
allerdings verlinkt auf:
http://host.yahoosense.com/~temp/%20/www.paypal.com/update/secure/cgi-bin/webscrcmd_login.php
weitere Bilder wurden ebenfalls von images.paypal.com entnommen.
Dann folgt der Text:
Notification of Limited Account Access
As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:
Unusual account activity has made it necessary to limit sensitive account features until additional verification information can be collected.
We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
Case ID: [ID filtered]
Click here to verify your account
Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
If you choose to ignore our request, you leave us no choice but to temporary suspend your account.
Sincerely,
PayPal Account Review Department.
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
To receive email notifications in plain text instead of HTML, update your preferences here.
Jegliche sonstigen Links verlinken auf:
ht tp://www . paypalupdate . ve . gs/
Ziemlich dummer Fisch allerdings...
Die Mail stammt offensichtlich aus Chile, über gtdinternet.com (das mit via.cl scheint also zu stimmen, es sei denn, ich hab was übersehen :P)
ve.gs ist übrigens ein spanischer Freehoster, der übrigens auch schon reagiert hat (Dominiosfree.com no permite el SPAM!)
Werden die Phisher eigentlich immer dümmer?
From - Fri Sep 30 xx:xx:xx 2005
X-UIDL: [UID filtered]
X-Mozilla-Status: 1001
X-Mozilla-Status2: 00000000
Received: from [200.75.31.235] (helo=mail.via.cl)
by mx23.web.de with esmtp (WEB.DE 4.105 #297)
ID: [ID filtered]
for poor [at] spamvictim.tld; Wed, 28 Sep 2005 xx:xx:xx +0200
Received: by mail.via.cl (Postfix, from userID: [ID filtered]
ID: [ID filtered]
To: poor [at] spamvictim.tld
Subject: PayPal Notice: ( Your Account Has Been Suspended. )
Message-ID: [ID filtered]
From: <support [at] paypal.com>
Content-Type: text/html
Date: Wed, 28 Sep 2005 xx:xx:xx -0400 (CLT)
Sender: mcortes [at] via.cl
Inhalt:
Erstmal ein Paypal-Logo
http://images.paypal.com/en_US/i/logo/email_logo.gif
allerdings verlinkt auf:
http://host.yahoosense.com/~temp/%20/www.paypal.com/update/secure/cgi-bin/webscrcmd_login.php
weitere Bilder wurden ebenfalls von images.paypal.com entnommen.
Dann folgt der Text:
Notification of Limited Account Access
As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:
Unusual account activity has made it necessary to limit sensitive account features until additional verification information can be collected.
We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
Case ID: [ID filtered]
Click here to verify your account
Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
If you choose to ignore our request, you leave us no choice but to temporary suspend your account.
Sincerely,
PayPal Account Review Department.
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
To receive email notifications in plain text instead of HTML, update your preferences here.
Jegliche sonstigen Links verlinken auf:
ht tp://www . paypalupdate . ve . gs/
Ziemlich dummer Fisch allerdings...
Die Mail stammt offensichtlich aus Chile, über gtdinternet.com (das mit via.cl scheint also zu stimmen, es sei denn, ich hab was übersehen :P)
ve.gs ist übrigens ein spanischer Freehoster, der übrigens auch schon reagiert hat (Dominiosfree.com no permite el SPAM!)
Werden die Phisher eigentlich immer dümmer?