More Royal Bank of Canada Phish
Posted by Dave Yadallee on
From - Thu May 30 06:18:20 2013
X-Account-Key: account1
X-UIDL: 00001b7e4f5d9180
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 May 2013 06:17:22 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.80.1)
(envelope-from)
id 1Ui1mY-00012D-C7
for dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 06:16:38 -0600
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Thu, 30 May 2013 06:16:38 -0600
Resent-Message-ID: <20130530121638.GA3670@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
Received: from www.oneeyeland.com ([66.132.135.128] helo=oneeyeland.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)
(envelope-from)
id 1Ui1Zw-0002c5-3f
for sales@nk.ca; Thu, 30 May 2013 06:03:45 -0600
Received: from advisor.webssl.com (unknown [142.46.21.137])
by oneeyeland.com (Postfix) with ESMTPA id 569448B935
for; Tue, 28 May 2013 04:54:13 +0530 (IST)
From: RBC Royal Bank
To: sales@nk.ca
Subject: Message Center: 1 New Alert Message!
Date: 27 May 2013 19:24:09 -0400
Message-ID: <20130527192409.068D033D58DC61D7@advisor.webssl.com>
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 15.0
X-Spam_score_int: 150
X-Spam_bar: +++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: RBC Royal Bank / Message Center: 1 New Alert Message! 1 New
Alert Message! Customer Service: Your account has been limited! Click to
Resolve Thank you for using Royal Bank of Canada. [...]
Content analysis details: (15.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 RCVD_IN_SPAMCANNIBAL RBL: Received via a relay in SpamCannibal
[66.132.135.128 listed in bl.spamcannibal.org]
2.0 RCVD_IN_UCE_PFSM_1 RBL: Received via a relay in UCE_PFSM_1
[66.132.135.128 listed in dnsbl-1.uceprotect.net]
11 RCVD_IN_JMF_BR RBL: Sender listed in JMF-BROWN
[66.132.135.128 listed in hostkarma.junkemailfilter.com]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
Subject: {SPAM?} Message Center: 1 New Alert Message!
RBC Royal Bank / Message Center: 1 New Alert Message!
![](3D"http://www.rbcroyalbank.com/uos/_assets/images/logos/web/rbc_roy=<br)
albank_en.gif">
![](3D"https://www1.royalbank.com/uos/common/images/icon_information_go=<br)
ld.gif"> 1 New Alert Message!
=20
g=3D"0" width=3D"100%">
ellpadding=3D"3" cellspacing=3D"0" width=3D"100%">
Customer Service: Your account has be=
en limited!
-107-193-215-2.dsl.pltn13.sbcglobal.net/ssl/rbaccess/encrypted-session/F6=3D=
1&F7=3DIB&F21=3DIB&F22=3DIB&REQUEST=3DClientSignin&LANGUAGE=3DENGLISH/index.=
php">Click to Resolve
=20
Thank you for using Royal Bank of Canada.
X-Account-Key: account1
X-UIDL: 00001b7e4f5d9180
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 May 2013 06:17:22 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.80.1)
(envelope-from
id 1Ui1mY-00012D-C7
for dave@doctor.nl2k.ab.ca; Thu, 30 May 2013 06:16:38 -0600
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Thu, 30 May 2013 06:16:38 -0600
Resent-Message-ID: <20130530121638.GA3670@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
Received: from www.oneeyeland.com ([66.132.135.128] helo=oneeyeland.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)
(envelope-from
id 1Ui1Zw-0002c5-3f
for sales@nk.ca; Thu, 30 May 2013 06:03:45 -0600
Received: from advisor.webssl.com (unknown [142.46.21.137])
by oneeyeland.com (Postfix) with ESMTPA id 569448B935
for
From: RBC Royal Bank
To: sales@nk.ca
Subject: Message Center: 1 New Alert Message!
Date: 27 May 2013 19:24:09 -0400
Message-ID: <20130527192409.068D033D58DC61D7@advisor.webssl.com>
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 15.0
X-Spam_score_int: 150
X-Spam_bar: +++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: RBC Royal Bank / Message Center: 1 New Alert Message! 1 New
Alert Message! Customer Service: Your account has been limited! Click to
Resolve Thank you for using Royal Bank of Canada. [...]
Content analysis details: (15.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 RCVD_IN_SPAMCANNIBAL RBL: Received via a relay in SpamCannibal
[66.132.135.128 listed in bl.spamcannibal.org]
2.0 RCVD_IN_UCE_PFSM_1 RBL: Received via a relay in UCE_PFSM_1
[66.132.135.128 listed in dnsbl-1.uceprotect.net]
11 RCVD_IN_JMF_BR RBL: Sender listed in JMF-BROWN
[66.132.135.128 listed in hostkarma.junkemailfilter.com]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
Subject: {SPAM?} Message Center: 1 New Alert Message!
albank_en.gif">
ld.gif"> 1 New Alert Message!
=20
g=3D"0" width=3D"100%">
ellpadding=3D"3" cellspacing=3D"0" width=3D"100%">
Customer Service: Your account has be=
en limited!
-107-193-215-2.dsl.pltn13.sbcglobal.net/ssl/rbaccess/encrypted-session/F6=3D=
1&F7=3DIB&F21=3DIB&F22=3DIB&REQUEST=3DClientSignin&LANGUAGE=3DENGLISH/index.=
php">Click to Resolve
=20
Thank you for using Royal Bank of Canada.