header: 01: Return-Path: <nobody [at] host60.ipowerweb.com> 02: X-Flags: 1000 03: Delivered-To: GMX delivery to mymail [at] gmx.net 04: Received: (qmail invoked by alias); 04 Dec 2005 19:16:38 -0000 05: Received: from host60.ipowerweb.com (EHLO host60.ipowerweb.com) [66.235.195.160] 06: by mx0.gmx.net (mx013) with SMTP; 04 Dec 2005 20:16:38 +0100 07: Received: from nobody by host60.ipowerweb.com with local (Exim 4.43) 08: id 1EizLX-00029I-TX 09: for mymail [at] gmx.net; Sun, 04 Dec 2005 11:16:28 -0800 10: To:mymail [at] gmx.net 11: Subject: Bank of America - Important Online Banking Alert 12: From: <service [at] bankofamerica.com> 13: Reply-To:service.no.reply [at] bankofamerica.com 14: MIME-Version: 1.0 15: Content-Type: text/html 16: Content-Transfer-Encoding: 8bit 17: Message-Id: <E1EizLX-00029I-TX [at] host60.ipowerweb.com> 18: Date: Sun, 04 Dec 2005 11:16:27 -0800 19: X-AntiAbuse: This header was added to track abuse, please include it with any abuse 20: report 21: X-AntiAbuse: Primary Hostname - host60.ipowerweb.com 22: X-AntiAbuse: Original Domain - gmx.net 23: X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] 24: X-AntiAbuse: Sender Address Domain - host60.ipowerweb.com 25: X-GMX-Antivirus: -1 (not scanned, may not use virus scanner) 26: X-GMX-Antispam: 0 (Mail was not recognized as spam) 27: X-GMX-UID: wCXhY5hYeSEkfxHObHQhaXN1IGRvb8Dt
Mail-Text: (HTML)
[Bank of America]
[Your privacy and security partner]
Protecting your information
Ensuring your accounts are secure
Providing safety tips
{Learn more} (LINK)
[Privacy Policies]
{Your privacy is our priority} (LINK)
[Online Banking]
{Safe, secure, and easy to use} (LINK)
Dear Customer (Mymail @ gmx.net ),
We recently noticed an attempts to log in to your online banking account from a foreign IP address and we found one or more your information changed. Because of that we have reasons to believe that your account was used by a third party without your authorization.
The login attempt was made from:
IP Address : 172.25.210.66 (Private block address)
ISP Host : cache-66.proxy.aol.com
Login Date : 04-December-2005
If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you. Therefore, if you are the rightful account holder, click on the link below to log into your account and follow the instructions.
{https:// www.bankofamerica.com/cgi-bin/ias/1580602/1/bofa/ibd/IAS/sso.login.controller}
(So sieht man den Link; mit dem tatsächlichen Ziel kann ich nichts anfangen!)
We need you to update and confirm your account information that has been changed, so we can verify your information with our new data. If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.
If you received this notice and you are not the authorized account holder, please be aware that at it is in violation of Bank of America online banking policy to represent oneself as another Bank of America online banking user. Such action may also be in violation of local, national, and/or international law. Bank of America is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that impersonators are prosecuted to the fullest extent of the law.
Thank you for your patience as we work together to protect your account.
Sincerely,
Bank of America Account Security Department
Account Manager,
David Renwick
THIS IS A E-MAIL FROM BANK OF AMERICA, AND YOU MAY OPT-OUT FROM OUR E-MAILS AT ANY TIME. IF YOU'D LIKE TO BE OPTED-OUT WITHIN 10 BUSINESS DAYS, PLEASE UPDATE YOUR {E-MAIL PREFERENCES}.
The security and confidentiality of your personal information is important to us. BECAUSE E-MAIL IS NOT A SECURE FORM OF COMMUNICATION, THIS E-MAIL BOX IS NOT EQUIPPED TO HANDLE REPLIES. If you are a Bank of America customer and have sensitive account-related questions, please call the phone number provided on your account statement or the appropriate phone number indicated in the following "Contact Us" link so we can properly verify your identity. For all other questions or comments, please use the Web forms available via {Contact Us}.
We respect your privacy, and you can rest assured that we protect your information, including your e-mail address, and will never sell or share it with marketers outside Bank of America. To find out more, please read our {Privacy Policy}.
Bank of America E-mail, 6th Floor, 101 North Tryon Street, Charlotte, NC 28255-0001
From BankOfAmerica Thu Jun 15 02:19:04 2006
X-Apparently-To:
[Link nur für registrierte Mitglieder sichtbar. ] via 217.12.10.225; Wed, 14 Jun 2006 19:19:28 -0700
X-YahooFilteredBulk: 69.16.197.229
X-Originating-IP: [69.16.197.229]
Return-Path: <
[Link nur für registrierte Mitglieder sichtbar. ]>
Authentication-Results: mta112.mail.mud.yahoo.com from=bankofamerica.com; domainkeys=neutral (no sig)
Received: from 69.16.197.229 (EHLO fhs.globehosting.net) (69.16.197.229) by mta112.mail.mud.yahoo.com with SMTP; Wed, 14 Jun 2006 19:19:28 -0700
Received: from nobody by fhs.globehosting.net with local (Exim 4.52) id 1FqhRo-0000uv-7B for
[Link nur für registrierte Mitglieder sichtbar. ]; Thu, 15 Jun 2006 05:19:04 +0300
An:
[Link nur für registrierte Mitglieder sichtbar. ] [Bearbeiten - Löschen]
Betreff: Bank Account Update Alert!
Von: "BankOfAmerica" <
[Link nur für registrierte Mitglieder sichtbar. ]> Ins Adressbuch
Antwortadresse:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <
[Link nur für registrierte Mitglieder sichtbar. ]>
Datum: Thu, 15 Jun 2006 05:19:04 +0300
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - fhs.globehosting.net
X-AntiAbuse: Original Domain - yahoo.de
X-AntiAbuse: Originator/Caller UID/GID - [99 501] / [47 12]
X-AntiAbuse: Sender Address Domain - fhs.globehosting.net
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -DSSL
X-Source-Dir: onlyfreeservers.com:/public_html/users/jchman/fooling
Content-Length: 1585
Security Update Alert
--------------------------------------------------------------------------------
Bank Of America is constantly working to increase security for all Online Banking users. To ensure the integrity of our online payment system, we periodically review accounts.
Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds.
To lift up this restriction, you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have updated your billing information on records. To initiate the update confirmation process. Please follow the link below and fill in the necessary requirements :
[Link nur für registrierte Mitglieder sichtbar. ] gi-bin/imcpprd. dll/Ctrl.jsp?BV_UseBVCookie=yes
Thank you for your patience as we work together to protect your account.
Sincerely,
Bank of America Customer Service
*Important*
Please update your records on or before 48 hours, a failure to update your records will result in a temporal hold on your funds.
Der Phisher-Link geht nicht, kein Domain-Eintrag im DNS.
Goofy
______________________________ Weisheiten des Trullius L. Guficus, 80 v.Chr.:
"Luscinia, te pedem supplodere audio" - Nachtigall, ick hör dir trapsen
"Vita praediolum eculeorum non est" - Das Leben ist kein Ponyhof
"Avia mea in stabulo gallinario rotam automotam vehit" - Meine Oma fährt im Hühnerstall Motorrad
"Sed illi, dicito: me in ano lambere potest" - Jenem aber, sag es ihm: er kann mich am Arsch lecken
X-Envelope-From: <
[Link nur für registrierte Mitglieder sichtbar. ]>
X-Envelope-To: <
[Link nur für registrierte Mitglieder sichtbar. ]>
X-Delivery-Time: 1155352066
Received: from 192.168.1.200 (pd95b16a7.dip0.t-ipconnect.de [217.91.22.167])
by mailin.webmailer.de (8.13.6/8.13.6) with SMTP id k7C37jEe014041
for <
[Link nur für registrierte Mitglieder sichtbar. ]>; Sat, 12 Aug 2006 05:07:45 +0200 (MEST)
Received: from 89.241.116.188 by ; Sat, 12 Aug 2006 09:06:44 +0500
Message-ID: <
[Link nur für registrierte Mitglieder sichtbar. ]>
From: "Bank of America" <
[Link nur für registrierte Mitglieder sichtbar. ]>
Reply-To: "Bank of America" <
[Link nur für registrierte Mitglieder sichtbar. ]>
To:
[Link nur für registrierte Mitglieder sichtbar. ]
Subject: Your account information needs to be updated
Date: Sat, 12 Aug 2006 10:05:44 +0600
X-Mailer: Internet Mail Service (5.5.2650.21)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--9657933413414031438"
X-Priority: 1
X-MSMail-Priority: High
X-PMFLAGS: 570966400 0 1 PV4KZE8K.CNM
Dear Bank Of America customer,
Due to concerns, for the safety and integrity of the online
banking community we have issued this warning message.
It has come to our attention that your account information needs
to be updated due to inactive members, frauds and spoof reports.
If you could please take 5-10 minutes out of your online experience and renew
your records you will not run into any future problems with the online service.
However, failure to update your records will result in account erasure.
This notification expires on August 14th, 2006.
Once you have updated your account records your internet banking
service will not be interrupted and will continue as normal.
Please follow the link below
and renew your account information:
[Link nur für registrierte Mitglieder sichtbar. ]
Die Phisherseite scheint bei Yuchuu! gehostet zu sein.
Der Link geht offensichtlich auf:
h-t-t-p://onlineid.bankofamerica.com.dfgj.us/kacamaca/index.html
Dort allerdings scheint doch schon der Server geputzt zu sein ("Forbidden").
Geändert von Goofy (12.08.2006 um 13:51 Uhr)
Goofy
______________________________ Weisheiten des Trullius L. Guficus, 80 v.Chr.:
"Luscinia, te pedem supplodere audio" - Nachtigall, ick hör dir trapsen
"Vita praediolum eculeorum non est" - Das Leben ist kein Ponyhof
"Avia mea in stabulo gallinario rotam automotam vehit" - Meine Oma fährt im Hühnerstall Motorrad
"Sed illi, dicito: me in ano lambere potest" - Jenem aber, sag es ihm: er kann mich am Arsch lecken
As the Internet and information technology enable us to expand our services, we are committed to maintaining the trust customers have placed in us for protecting the privacy and security of information we have about you. In order to protect your information against unauthorized access, identity theft and account fraud we earnestly ask you to update your profile.
If you received this notice and you are not the authorized account holder, please be aware that it is in violation of our policy to represent oneself as another Bank of America user. Such action may also be in violation of local, national, and/or international law. Bank of America is committed to assist law enforcement with any inquiries related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the fullest extent of the law.
To confirm your On-Line Safety Account Information please click the link below.
whois:
[Link nur für registrierte Mitglieder sichtbar. ]
Please note:
If we don't receive your account verification within 72 hours from you, we will further lock down your account untill we will be able to contact you by e-mail or phone.
2007 Bank of America Administration. All rights reserved.
Das ganze leitet weiter zu whois:
[Link nur für registrierte Mitglieder sichtbar. ] und diese Seite wurde längst versenkt..
anscheinend gehen die Phisher ins Volle, bei mir schlug Bank of America auf:
header:
01: Received: from 81.9.193.99 (HELO cm-81-9-193-99.telecable.es) (81.9.193.99)
02: by mta155.mail.re4.yahoo.com with SMTP; Tue, 16 Jan 2007 xx:xx:xx -0800
03: Received: from [68.232.48.68] (HELO zipolite.com)
04: by ipromogroup.com with SMTP ID: [ID filtered]
05: for <poor [at] spamvictim.tld>; Tue, 16 Jan 2007 xx:xx:xx -0800
06: Sender: "Bank of America" <manager_9757427662ib [at] bankofamerica.com>
07: From: "Bank of America" <online_id40145912948ib [at] bankofamerica.com>
08: To: "xxx" <poor [at] spamvictim.tld>
09: Subject: Bank of America - important information
10: Sender: "Bank of America" <manager_9757427662ib [at] bankofamerica.com>
11: User-Agent: Internet Mail Service (5.5.2650.21)
12: X-Mailer: Internet Mail Service (5.5.2650.21)
13: X-Priority: 3 (Normal)
14: MIME-Version: 1.0
15: Content-Type: multipart/related;
16: boundary="A7ENUJGKAVXGSFT6.C3EJJ"
17: X-CheckCompat: OK
Url verweist auf: whois:
[Link nur für registrierte Mitglieder sichtbar. ]
Chris
Die Signatur befindet sich aus technischen Gründen auf der Rückseite dieses Beitrages!
Dieser Eintrag wurde extrem umweltfreundlich, aus wiederverwendeten Buchstaben gelöschter E-Mails geschrieben und ist vollständig digital abbaubar.
„Ich fürchte den Tag, wenn Technologie unsere Wechselbeziehungen beeinflusst, die Welt wird Generationen von Idioten haben.” Albert Einstein1879-1955
„Die ältesten Wörter sind die besten und die kurzen die allerbesten." Sir Winston Churchill1874–1965
"Nur die Lüge braucht die Stütze der Staatsgewalt, die Wahrheit steht von alleine aufrecht."Thomas Jefferson1743-1826
Lesezeichen