Phish from Bell Nexxia

From - Tue Aug 13 17:17:02 2013

X-Account-Key: account1

X-UIDL: 000023cb4f5d9180

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 13 Aug 2013 09:41:16 -0600

Received: from toroondcbmts06.bellnexxia.net ([207.236.237.40] helo=toroondcbmts06-srv.bellnexxia.net)

by doctor.nl2k.ab.ca with esmtp (Exim 4.80.1)

(envelope-from )

id 1V9Gic-0005xB-OW

for dave@doctor.nl2k.ab.ca; Tue, 13 Aug 2013 09:41:16 -0600

Received: from toip54-bus.srvr.bell.ca ([67.69.240.140])

by toroondcbmts06-srv.bellnexxia.net

(InterMail vM.8.00.01.00 201-2244-105-20090324) with ESMTP

id <20130813154106.DCOC14379.toroondcbmts06-srv.bellnexxia.net@toip54-bus.srvr.bell.ca>

for ; Tue, 13 Aug 2013 11:41:06 -0400

Received: from bas1-galt04-1176178839.dsl.bell.ca (HELO server2) ([70.27.16.151])

by toip54-bus.srvr.bell.ca with ESMTP; 13 Aug 2013 11:41:00 -0400

X-IronPort-Anti-Spam-Filtered: true

X-IronPort-Anti-Spam-Result: AlsLAOpOClJGGxCX/2dsb2JhbABbBxCCbzWIaqRNAQGSGnsXdIIbWAMBAUQGAQInZAYCAgiGIoIBDJdIjyuEAikBm2IGgU6BPYEugRwDgSiIBYVymhYfgxoegSwCBxdtBSw

X-IronPort-AV: E=Sophos;i="4.89,870,1367985600";

d="scan'208";a="338908670"

From: "support"

To: "61-218-207-124.HINET-IP.hinet.net 3MC8jr"

Content-Type: multipart/alternative; boundary="4F0pUIrl5AoBSnjK1PisyB0=_5itymHGnc0"

MIME-Version: 1.0

Date: Tue, 13 Aug 2013 10:36:44 -0500

Message-Id: <20130813154106.DCOC14379.toroondcbmts06-srv.bellnexxia.net@toip54-bus.srvr.bell.ca>

X-Spam_score: 5.0

X-Spam_score_int: 50

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has

identified this incoming email as possible spam. The original message

has been attached to this so you can view it (if it isn't spam) or label

similar future email. If you have any questions, see

the administrator of that system for details.



Content preview: - This mail is in HTML. Some elements may be ommited in plain

text. - Your account access is limited for security reasons. Click here to

remove the limitation and restore your full access. Thank you for your prompt

attention on this matter! [...]



Content analysis details: (5.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

2.0 RCVD_IN_UCE_PFSM_1 RBL: Received via a relay in UCE_PFSM_1

[207.236.237.40 listed in dnsbl-1.uceprotect.net]

1.0 RCVD_IN_BACKSCATTER RBL: Received via a relay in Backscatter.org

[207.236.237.40 listed in ips.backscatterer.org]

2.0 RCVD_IN_UCE_PFSM_2 RBL: Received via a relay in UCE_PFSM_2

[207.236.237.40 listed in dnsbl-2.uceprotect.net]

Subject: {SPAM?}



This is a multi-part message in MIME format



--4F0pUIrl5AoBSnjK1PisyB0=_5itymHGnc0

Content-Type: text/plain

Content-Transfer-Encoding: quoted-printable



- This mail is in HTML. Some elements may be ommited in plain text. -



Your account access is limited for security reasons.

Click here to remove the limitation and restore your full access.

Thank you for your prompt attention on this matter!



--4F0pUIrl5AoBSnjK1PisyB0=_5itymHGnc0

Content-Type: text/html

Content-Transfer-Encoding: quoted-printable



Your account access is limited for security reasons.





Clic=

k here to remove the limitation and restore your full access.




=20

Thank you for your prompt attention on this matter!





--4F0pUIrl5AoBSnjK1PisyB0=_5itymHGnc0--







Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA