More Apple Phish
Posted by Dave Yadallee on
From - Wed Mar 12 10:19:46 2014
X-Account-Key: account2
X-UIDL: 000571f6501fb806
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: sales@nk.ca
Delivery-date: Wed, 12 Mar 2014 10:19:02 -0600
Received: from mail2.pharmacommunications.com ([69.17.172.206] helo=pharmacommunications.com)
by doctor.nl2k.ab.ca with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from)
id 1WNlri-0006si-7C
for sales@nk.ca; Wed, 12 Mar 2014 10:18:59 -0600
Received: (qmail 31207 invoked from network); 12 Mar 2014 12:14:36 -0400
Received: from unknown (HELO User) (65.102.144.38)
by 172.16.20.34 with ESMTPA; 12 Mar 2014 12:14:36 -0400
From: "Apple"
Subject: Your information needs to be updated !
Date: Wed, 12 Mar 2014 09:14:29 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_00D8_01C2A9A6.28015042"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Spam_score: 8.1
X-Spam_score_int: 81
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "gallifrey.nk.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Will lead us to a further improvement of the system soon.
For your account information secure and up to date.
We have Intervals
verifies your identity.
Please go immediately and end this process.
To confirm please
target="_blank">Click Here
X-Account-Key: account2
X-UIDL: 000571f6501fb806
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: sales@nk.ca
Delivery-date: Wed, 12 Mar 2014 10:19:02 -0600
Received: from mail2.pharmacommunications.com ([69.17.172.206] helo=pharmacommunications.com)
by doctor.nl2k.ab.ca with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from
id 1WNlri-0006si-7C
for sales@nk.ca; Wed, 12 Mar 2014 10:18:59 -0600
Received: (qmail 31207 invoked from network); 12 Mar 2014 12:14:36 -0400
Received: from unknown (HELO User) (65.102.144.38)
by 172.16.20.34 with ESMTPA; 12 Mar 2014 12:14:36 -0400
From: "Apple"
Subject: Your information needs to be updated !
Date: Wed, 12 Mar 2014 09:14:29 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_00D8_01C2A9A6.28015042"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Spam_score: 8.1
X-Spam_score_int: 81
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "gallifrey.nk.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Will lead us to a further improvement of the system soon.
For your account information secure and up to date.
We have Intervals
verifies your identity.
Please go immediately and end this process.
To confirm please
target="_blank">Click Here
[...]
Content analysis details: (8.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
1.2 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.1 MISSING_MID Missing Message-Id: header
0.5 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
1.9 FROM_MISSP_NO_TO From misspaced, To missing
0.0 FROM_MISSP_EH_MATCH From misspaced, matches envelope
2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
Subject: {SPAM?} Your information needs to be updated !
This is a multi-part message in MIME format.
------=_NextPart_000_00D8_01C2A9A6.28015042
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
Will lead us to a further improvement of the system soon.
For your account information secure and up to date.
We have Intervals verifies your identity.
Please go immediately and end this process.
To confirm please Click Here
We apologize for any inconvenience.
Thank you.
Copyright © 2014 Apple Inc. All rights reserved.
------=_NextPart_000_00D8_01C2A9A6.28015042
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
Will lead us to a further improvement of the system soon.
For your account information secure and up to date.
We have Intervals verifies your identity.
Please go immediately and end this process.
To confirm please Click Here
We apologize for any inconvenience.
Thank you.
Copyright © 2014 Apple Inc. All rights reserved.
------=_NextPart_000_00D8_01C2A9A6.28015042--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments