Phishing Spam

From - Fri Aug 09 17:50:24 2013

X-Account-Key: account1

X-UIDL: 000023254f5d9180

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 09 Aug 2013 15:54:15 -0600

Received: from smtp.webindustrie.fr ([217.71.112.120])

by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)

(envelope-from )

id 1V7udH-00077M-Re

for dave@doctor.nl2k.ab.ca; Fri, 09 Aug 2013 15:54:14 -0600

Received: from brodelec.fr (LLagny-156-34-27-152.w80-14.abo.wanadoo.fr [80.14.207.152])

by smtp.webindustrie.fr (Postfix) with ESMTPA id EDE69338DB3;

Fri, 9 Aug 2013 23:52:25 +0200 (CEST)

Received: from User ([24.238.106.251]) by brodelec.fr with Microsoft SMTPSVC(6.0.3790.3959);

Fri, 9 Aug 2013 23:52:25 +0200

From: "Kristine Jones"

Subject: Re-confirm your bank details

Date: Fri, 9 Aug 2013 23:52:41 +0200

MIME-Version: 1.0

Content-Type: text/html;

charset="Windows-1251"

Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

Message-ID:

X-OriginalArrivalTime: 09 Aug 2013 21:52:25.0504 (UTC) FILETIME=[BC075A00:01CE954A]

X-Spam_score: 8.2

X-Spam_score_int: 82

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has

identified this incoming email as possible spam. The original message

has been attached to this so you can view it (if it isn't spam) or label

similar future email. If you have any questions, see

the administrator of that system for details.



Content preview: Good day, I have been instructed by your customer to effect

a WIRE Transfer to your Bank Account. I noticed that there were irregularities

in the bank details I received. [...]



Content analysis details: (8.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.6 SARE_FREE_WEBM_ZCom01 Sender used free email account - may be spammer

2.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URIs: ecg.org.au]

0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

0.7 SARE_URGBIZ BODY: Contains urgent matter

0.0 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format

4.2 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

Subject: {SPAM?} Re-confirm your bank details



Good day,





I have been instructed by your customer to effect a WIRE Transfer to your Bank Account.





I noticed that there were irregularities in the bank details I received.





I have tried to contact your customer but could not reach him on phone,





so I decided to contact you so you can confirm if the attached Bank details corresponds to the one I was given.





View Your Bank Details







I do not want to make mistake and pay into a bank account which is not yours.





I will be waiting for your urgent reply.







Thanks with regards









---------------------





Pacific Exchange Company


Shop 72, Ground Floor, Chung King Mansion,


36-44 Nathan Road, T.S.T, Kowloon, H.K.


Tel: (852) 2724-4981


Fax: (852) 2724-4331


Email: info@pacificexco.com






Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA