More Desjardins PHish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: 2^=!!82[!!?Y]"!l$3!!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204331764.68249@2QBVLoi3TU5b/GpPVEkLOA
Return-Path:
Received: from doctor.nl2k.ab.ca
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1P0ZuAn026927
for
Received: (from doctor@localhost)
by doctor.nl2k.ab.ca (8.14.2/8.14.1/Submit) id m1P0ZuL8026926
for dave@doctor.nl2k.ab.ca; Sun, 24 Feb 2008 17:35:56 -0700 (MST)
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Sun, 24 Feb 2008 17:35:56 -0700
Resent-Message-ID: <20080225003556.GB26226@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204327968.60644@GBvdXxtxaqzON1F6c6wxdg
Received: from headfirstinc.com
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1ONWQeg010703
for
X-Spam-Filter: check_local@doctor.nl2k.ab.ca by digitalanswers.org
Received: from User ([66.55.74.20]) by headfirstinc.com with Microsoft SMTPSVC(6.0.3790.211);
Sun, 24 Feb 2008 18:06:27 -0500
Reply-To:
From: "Desjardins"
Subject: {Spam?} Desjardins : Account Update !
Date: Mon, 25 Feb 2008 01:06:09 +0200
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Message-ID:
X-OriginalArrivalTime: 24 Feb 2008 23:06:27.0779 (UTC) FILETIME=[E28CF930:01C87739]
X-NetKnow-InComing-4.67.3-1-MailScanner: Found to be clean, Found to be clean
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamCheck: spam,
RFC-IGNORANT-POSTMASTER, SpamAssassin (not cached, score=15.146,
required 1, BOTNET 5.00, FORGED_MUA_OUTLOOK 4.20,
FORGED_OUTLOOK_HTML 0.00, FORGED_OUTLOOK_TAGS 0.00,
HTML_IMAGE_ONLY_28 1.52, HTML_MESSAGE 0.00,
HTML_MIME_NO_HTML_TAG 1.05, MIME_HTML_ONLY 1.67,
MISSING_HEADERS 1.58, RDNS_NONE 0.10, RELAY_CHECKER 0.00,
RELAY_CHECKER_BADDNS 0.01, RELAY_CHECKER_IPHOSTNAME 0.01)
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamScore: sssssssssssssss
X-Spam-Status: Yes, No
X-NetKnow-InComing-4.67.3-1-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: m1P0ZuAn026927
X-NetKnow-InComing-4.67.3-1-MailScanner-From: doctor@doctor.nl2k.ab.ca
X-UIDL: 2^=!!82[!!?Y]"!l$3!!
src="http://geocities.com/s0ulfly1/bandeau.gif"> |
--
This message has been scanned for viruses and
dangerous content by
MailScanner, and is
believed to be clean.
WellFargo Phish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: TpU!!iPC!!BmQ!!pga!!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204330482.05966@6ovvmZoFfSShxWiNiJcxIw
Return-Path:
Received: from doctor.nl2k.ab.ca
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1P0EUQm021127
for
Received: (from root@localhost)
by doctor.nl2k.ab.ca (8.14.2/8.14.1/Submit) id m1P0EUxX021126
for dave@doctor.nl2k.ab.ca; Sun, 24 Feb 2008 17:14:30 -0700 (MST)
Resent-From: root@doctor.nl2k.ab.ca
Resent-Date: Sun, 24 Feb 2008 17:14:30 -0700
Resent-Message-ID: <20080225001430.GB17586@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204324870.38289@Bf71v6jsxoLJVwjEHGxkiQ
Received: from gallifrey.nk.ca
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1OMeeZ5026998
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
for
X-NetKnow-OutGoing-4.67.3-1-MailScanner-Watermark: 1204324354.06724@7GxoHR8nQu6RjknKlQIlYg
Received: from server1.friskyhosting.com
by gallifrey.nk.ca (8.14.2/8.14.2) with ESMTP id m1OMWGSH018447
(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO)
for
X-Spam-Filter: check_local@gallifrey.nk.ca by digitalanswers.org
Received: from apache by server1.friskyhosting.com with local (Exim 4.67)
(envelope-from
id 1JTPK9-0007Yw-4Y
for sales@nk.ca; Mon, 25 Feb 2008 06:27:57 +0800
To: sales@nk.ca
X-PHP-Script: muarcity.com//photo/mediatemp/mickoclassdonranker.php for 82.128.35.154
From: Wellsfargo Online Banking
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id:
Date: Mon, 25 Feb 2008 06:27:57 +0800
X-NetKnow-OutGoing-4.67.3-1-MailScanner-Information: Please contact the ISP for more information
X-NetKnow-OutGoing-4.67.3-1-MailScanner: Found to be clean
X-NetKnow-OutGoing-4.67.3-1-MailScanner-SpamCheck: spam,
SpamAssassin (not cached, score=5.222, required 1,
HTML_IMAGE_ONLY_16 2.50, HTML_MESSAGE 0.00,
HTML_MIME_NO_HTML_TAG 1.05, MIME_HTML_ONLY 1.67, NO_RELAYS -0.00)
X-NetKnow-OutGoing-4.67.3-1-MailScanner-SpamScore: sssss
X-NetKnow-OutGoing-4.67.3-1-MailScanner-From: muarcity@muarcity.com
Subject: {Spam?} {Disarmed} Wellsfargo Bank***Security Alert*** (Unlock Your Online Acces Account)
X-Spam-Status: Yes, Yes, No
X-NetKnow-InComing-4.67.3-1-MailScanner: Found to be clean, Found to be clean
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamCheck: spam,
SpamAssassin (not cached, score=5.222, required 1,
HTML_IMAGE_ONLY_16 2.50, HTML_MESSAGE 0.00,
HTML_MIME_NO_HTML_TAG 1.05, MIME_HTML_ONLY 1.67, NO_RELAYS -0.00)
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamScore: sssss
X-NetKnow-InComing-4.67.3-1-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: m1P0EUQm021127
X-NetKnow-InComing-4.67.3-1-MailScanner-From: doctor@doctor.nl2k.ab.ca
X-UIDL: TpU!!iPC!!BmQ!!pga!!
bordercolor="#111111" width="550" id="AutoNumber2">
bordercolor="#111111" width="100%" id="AutoNumber3">
color="#000080">
Unlock your profile
Security Alert: Our
(2008 Sercive Alert)
For your security, your online banking profile has been locked due to inactivity or because of too many failed login attempts.
Click here and you will automatically unlock your online access account profile.
method="get">
--
This message has been scanned for viruses and
dangerous content by
MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by
MailScanner, and is
believed to be clean.
More Desjardins PHish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: %Xg!!fXd"!c("#!&::!!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204165798.62422@Ta6r0v3vXetNE7iQpk9yJw
Return-Path:
Received: from doctor.nl2k.ab.ca
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1N2T4uv008197
for
Received: (from doctor@localhost)
by doctor.nl2k.ab.ca (8.14.2/8.14.1/Submit) id m1N2SYob008157
for dave@doctor.nl2k.ab.ca; Fri, 22 Feb 2008 19:28:34 -0700 (MST)
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Fri, 22 Feb 2008 19:28:29 -0700
Resent-Message-ID: <20080223022829.GC5623@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204162776.20711@r8OVSQPUmbysY8LZImGp/Q
Received: from ndtheadquarters.afbi.local
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1N1cGhY026652
for
X-Spam-Filter: check_local@doctor.nl2k.ab.ca by digitalanswers.org
Received: from connie ([89.47.113.36]) by ndtheadquarters.afbi.local with Microsoft SMTPSVC(6.0.3790.3959);
Fri, 22 Feb 2008 17:15:30 -0500
From: "AccиsD Service"
Subject: {Disarmed} Alert : Tentative de connexion Innentendu !
Date: Sat, 23 Feb 2008 00:20:19 -0800
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Message-ID:
X-OriginalArrivalTime: 22 Feb 2008 22:15:31.0046 (UTC) FILETIME=[6FC50860:01C875A0]
X-TM-AS-Product-Ver: SMEX-7.5.0.1166-5.0.1023-15746.001
X-TM-AS-Result: No-1.346700-5.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
X-NetKnow-InComing-4.67.3-1-MailScanner: Found to be clean, Found to be clean
X-Spam-Status: No, No
X-NetKnow-InComing-4.67.3-1-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: m1N2T4uv008197
X-NetKnow-InComing-4.67.3-1-MailScanner-From: doctor@doctor.nl2k.ab.ca
X-UIDL: %Xg!!fXd"!c("#!&::!!
Dear Accesd customer,
We recently noticed one or more attempts to log in to your account from a foreign IP address. If you accessed your account
while travelling, the unusual login attempts may have been initiated by you. However, if you did not initiate the logins,
please visit Accesd. as soon as possible to verify your identity.
This is a security measure that will ensure that you are the only person who can access your online account.
Thank you for your patience as we work together to protect your account.
To get started, please click the link below and login to your account:
MailScanner has detected a possible fraud attempt from "dbjinnovations.com" claiming to be https://accesd.desjardins.com/en/accesd
Best Regards,
Desjardins Online Solutions, Security Center
Cher(e)s Accesd client,
Nous avons remarquй rйcemment une ou plusieurs tentatives de connexion а votre compte а partir d'une adresse IP йtrangиre.
Si vous avez accйdй а votre compte En voyage, les tentatives de connexion inhabituel peut avoir йtй initiйe par vous.
Toutefois, si vous n'avez pas йtй а l'origine de la connexion, Sil vous plaоt visitez Accesd. Dиs que possible afin de vйrifier votre identitй.
Ceci est une mesure de sйcuritй visant а garantir que vous кtes la seule personne qui peut accйder а votre compte en ligne.
Nous vous remercions de votre patience pendant que nous travaillons ensemble pour protйger votre compte.
Pour commencer, sil vous plaоt cliquer sur le lien ci-dessous et de vous connecter а votre compte:
MailScanner has detected a possible fraud attempt from "dbjinnovations.com" claiming to be https://accesd.desjardins.com/fr/accesd
Cordialement,
Desjardins Solutions en ligne, Centre de sйcuritй
--
This message has been scanned for viruses and
dangerous content by
MailScanner, and is
believed to be clean.
More Royal Bank of Canada Phish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: _lm"!;"U!!/@L"!j>+!!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204137481.317@B4zo1J7S3cOX0w+klEdNmQ
Return-Path:
Received: from doctor.nl2k.ab.ca
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1MIZgqH023854
for
Received: (from doctor@localhost)
by doctor.nl2k.ab.ca (8.14.2/8.14.1/Submit) id m1MIZLHt023783
for dave@doctor.nl2k.ab.ca; Fri, 22 Feb 2008 11:35:21 -0700 (MST)
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Fri, 22 Feb 2008 11:35:16 -0700
Resent-Message-ID: <20080222183516.GA22903@doctor.nl2k.ab.ca>
Resent-To: Dave Yadallee
X-NetKnow-InComing-4.67.3-1-MailScanner-Watermark: 1204122821.01343@JRRgzKCGQTydBC3xNO1P/g
Received: from web.kuwaitit.net
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1MEVafN017368
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for
X-Spam-Filter: check_local@doctor.nl2k.ab.ca by digitalanswers.org
Received: from nobody by web.kuwaitit.net with local (Exim 4.69 (FreeBSD))
(envelope-from
id 1JSYvn-000077-RG
for doctor@nl2k.ab.ca; Fri, 22 Feb 2008 17:31:19 +0300
To: doctor@nl2k.ab.ca
Subject: {Disarmed} {Spam?} {Disarmed} 2008 Security Update
From: RBC Royal Bank
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id:
Date: Fri, 22 Feb 2008 17:31:19 +0300
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - web.kuwaitit.net
X-AntiAbuse: Original Domain - nl2k.ab.ca
X-AntiAbuse: Originator/Caller UID/GID - [65534 1003] / [26 6]
X-AntiAbuse: Sender Address Domain - web.kuwaitit.net
X-Source: /bin/sh
X-Source-Args: sh -c /usr/sbin/sendmail -t -i
X-Source-Dir: aldabi.com:/public_html/Qadsia/uploads
X-Null-Tag: 36066838f16ba482a9d92f3f31ef42eb
X-Null-Tag: 5206be2097b777f9a8c1523da955057b
X-NetKnow-InComing-4.67.3-1-MailScanner: Found to be clean, Found to be clean
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamCheck: spam,
SpamAssassin (not cached, score=4.668, required 1, HTML_MESSAGE 0.00,
MIME_HTML_ONLY 1.67, NO_RELAYS -0.00, TVD_PH_REC 3.00)
X-NetKnow-InComing-4.67.3-1-MailScanner-SpamScore: ssss
X-Spam-Status: Yes, No
X-NetKnow-InComing-4.67.3-1-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: m1MIZgqH023854
X-NetKnow-InComing-4.67.3-1-MailScanner-From: doctor@doctor.nl2k.ab.ca
X-UIDL: _lm"!;"U!!/@L"!j>+!!
Dear valued Customer,
You have received this alert as a
result of our concern on the
safety of your Online Account for 2008.
Due to
a recent upgrade of our online banking security system for 2008,
we are notifying you on the need to Update Your Online Account Information.
This is
done as our continuous commitment to protect our customers account and reduce
the
instance of online fraud on our customers.
You are hereby required
to update your online information by filling our secure
online update form in order to secure your account and activate your new
personal
online banking security
alert for 2008.Updating your records enables us serve you better.
Once you have updated your account records,
your new personal
online banking security
alert for 2008 will be automatically activated.
Services will not be interrupted and will continue as usual.
To update and secure your Online
records, click on the following link:
MailScanner has detected definite fraud in the website at "members.lycos.co.uk". Do not trust this website: MailScanner has detected definite fraud in the website at "members.lycos.co.uk". Do not trust this website:
http://www.rbcroyalbank.com/home?screenid=Update_Acct
An email confirmation
will be sent to you within 24hours of activating your new personal
Online banking security
alert for 2008.
Thank You for your understanding.
Accounts Management As outlined in our User
Agreement, rbcroyalbank (R) will
periodically send you information about site changes and enhancements.
Visit our Privacy Policy and User Agreement if
you have any questions.
http://www.rbcroyalbank.com/cm/cs.php?privacy=Href&urlname/cc/terms
--
This message has been scanned for viruses and
dangerous content by
MailScanner, and is
believed to be clean.
More RBC Phish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: ,,a!!~6T"!*")"!i$G"!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path:
Received: from dcmain.creationent.com
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1LMj1OS023642
for
X-Spam-Filter: check_local@doctor.nl2k.ab.ca by digitalanswers.org
Received: from User [209.216.150.145] by dcmain.creationent.com with ESMTP
(SMTPD-9.10) id A6320444; Thu, 21 Feb 2008 12:59:30 -0800
From: "Update your account"
Subject: RBC Financial Group
Date: Thu, 21 Feb 2008 16:17:46 -0500
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <200802211259671.SM09220@User>
X-Null-Tag: 0c19addf181c9cd74923a5eebfe661f5
X-UIDL: ,,a!!~6T"!*")"!i$G"!
|
More PayPal Phish
Posted by Dave Yadallee onX-Account-Key: account2
X-UIDL: BI9!!`>j"!%PR"!]i""!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path:
Received: from smtp.red.net
by doctor.nl2k.ab.ca (8.14.2/8.14.2) with ESMTP id m1LM4u15004915
for
X-Spam-Filter: check_local@doctor.nl2k.ab.ca by digitalanswers.org
Received: from andersontours.co.uk (unknown [213.246.191.195])
by smtp.red.net (Postfix) with ESMTP id 472624B05;
Thu, 21 Feb 2008 08:28:25 +0000 (GMT)
Received: from User ([194.187.122.56]) by andersontours.co.uk with Microsoft SMTPSVC(6.0.3790.3959);
Wed, 20 Feb 2008 20:15:35 +0000
From: "PayPal Customer Support "
Subject: Attention! Your PayPal account has been violated!
Date: Wed, 20 Feb 2008 22:15:43 +0200
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1250"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
X-OriginalArrivalTime: 20 Feb 2008 20:15:35.0635 (UTC) FILETIME=[5A24F230:01C873FD]
To: undisclosed-recipients:;
X-Null-Tag: 969ee4111e3dcedfe1726dbd01e56197
X-UIDL: BI9!!`>j"!%PR"!]i""!
Attention! Your PayPal account has
been violated!
Someone with ip address 82.121.62.31 tried to access your
personal
account!
Please click the link below and
enter your account information to confirm that you are not currently
away. You have 3 days to confirm account
information or your account will be locked.
bgcolor="#FFE65C" align=left>
bgcolor="#FFFECD" align=center>
target="_blank"
href="http://www.secure2008.info/paypal/cgi-bin/index.php">Click
here to
activate your account
You can also confirm your email address by
logging into your PayPal account at
href="http://www.secure2008.info/paypal/cgi-bin/index.php"
target="_blank"http://www.secure2008.info/paypal/cgi-bin/index.php">
http://www.paypal.com/ Click on the "Confirm
email"
link in the Activate Account box and then enter this
confirmation
number: 1099-81971-4441-9833-3990
Thank you for using
PayPal!
The PayPal Team
Mail sent
to this address cannot be answered. For assistance,
src="http://www.paypalobjects.com/en_US/i/logo/verisign.gif">
src="http://images.paypal.com/en_US/i/scr/pixel.gif" height=10 width=1
border=0>
|
bgcolor="#eeeeee"> |
Protect Your Password |
You should never give your PayPal password to anyone. |