From survey@rbc.com Tue Aug 23 09:48:52 2011
Return-Path: survey@rbc.com
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on doctor.nl2k.ab.ca
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=unavailable
version=3.3.2
X-Original-To: archive@nl2k.ab.ca
Delivered-To: archive@nl2k.ab.ca
Received: from localhost (localhost.nl2k.ab.ca [127.0.0.1])
by doctor.nl2k.ab.ca (Postfix) with ESMTP id E7E3B12CFAB4
for
; Tue, 23 Aug 2011 09:48:51 -0600 (MDT)
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Received: from doctor.nl2k.ab.ca ([127.0.0.1])
by localhost (doctor.nl2k.ab.ca [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id TOT8DxviJ5SE for ;
Tue, 23 Aug 2011 09:48:40 -0600 (MDT)
Received: from sometconstruct.ro (sometconstruct.ro [89.18.7.50])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by doctor.nl2k.ab.ca (Postfix) with ESMTPS id 1C29712CFAB2
for ; Tue, 23 Aug 2011 09:48:31 -0600 (MDT)
Received: (qmail 20503 invoked by uid 210); 23 Aug 2011 15:40:06 -0000
Received: from 62.139.182.98 by somet (envelope-from , uid 201)
with qmail-scanner-1.25st (clamdscan: 0.92.1/5777. perlscan: 1.25st.
Clear:RC:1(62.139.182.98):. Processed in 8.822449 secs); 23 Aug 2011
15:40:06 -0000
Received: from unknown (HELO rbc.com)
(postmaster@sometconstruct.ro@62.139.182.98) by 192.168.16.3 with
ESMTPA; 23 Aug 2011 15:39:57 -0000
From: RBC Royal Bank
To: archive@nl2k.ab.ca
Subject: RBC Royal Bank Notification.
X-Eset-AntiSpam: OK;60;calc;2011-08-23 18:40:06;1108231840060045;FCDF
Date: 23 Aug 2011 18:52:25 +0300
Message-ID: <20110823185225.8C95F48B698A333D@rbc.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0012_46C22F29.0A598261"
X-Sanitizer: This message has been sanitized!
X-Sanitizer-URL: http://mailtools.anomy.net/
X-Sanitizer-Rev: $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 8bit, Size: 0.8K --]
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Dear members,
You have been selected to participate in a public opinion poll
conducted by RBC Royal Bank, a non-partisan polling
organization. The poll is about current events at the national
level and your views about them. It is short and should take you
only 5-7 minutes to complete. All of your answers will be kept
strictly confidential and will be used only for legitimate
research purposes.
Please download and unpack the form attached to this email and
open it in a web browser.
Each person taking the poll will win $200
Thank you for your participation!
Sincerely,
Survey Manager
__________ Information from ESET Mail Security, version of virus signature
+database 6403 (20110823) __________
The message was checked by ESET Mail Security.
http://www.eset.com
[-- Attachment #2: RBC Royal Bank Notification.zip --]
[-- Type: application/octet-stream, Encoding: base64, Size: 6.9K --]
Content-Type: application/octet-stream; name="RBC Royal Bank Notification.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="RBC Royal Bank Notification.zip"
[-- application/octet-stream is unsupported (use 'v' to view this part) --]
From securityalert@cibc.com Tue Aug 23 08:58:19 2011
Return-Path: securityalert@cibc.com
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on doctor.nl2k.ab.ca
X-Spam-Level: **
X-Spam-Status: No, score=3.3 required=5.0 tests=FORGED_MUA_OUTLOOK,
FORGED_OUTLOOK_TAGS,SARE_OBFU_SPLIT_HR2 autolearn=no version=3.3.2
X-Original-To: root@doctor.nl2k.ab.ca
Delivered-To: root@doctor.nl2k.ab.ca
Received: from localhost (localhost.nl2k.ab.ca [127.0.0.1])
by doctor.nl2k.ab.ca (Postfix) with ESMTP id 0835612CFAB5
for ; Tue, 23 Aug 2011 08:58:19 -0600 (MDT)
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Received: from doctor.nl2k.ab.ca ([127.0.0.1])
by localhost (doctor.nl2k.ab.ca [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id kkNDIpbJBE6i for ;
Tue, 23 Aug 2011 08:58:09 -0600 (MDT)
Received: from correoweb.wonderl.com (kompassocean.com [200.74.218.204])
(using SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
(No client certificate requested)
by doctor.nl2k.ab.ca (Postfix) with ESMTPS id DF3ED12CFAB4
for ; Tue, 23 Aug 2011 08:58:04 -0600 (MDT)
Received: from User ([173.184.125.121])
by correoweb.wonderl.com (Merak 6.1.0) with ASMTP id MWK37904;
Tue, 23 Aug 2011 10:15:46 -0430
From: CIBC Online Banking
Subject: ***SPAM** CIBC Bank -Anti-Fraud International
Date: Tue, 23 Aug 2011 08:57:49 -0600
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Sanitizer: This message has been sanitized!
X-Sanitizer-URL: http://mailtools.anomy.net/
X-Sanitizer-Rev: $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
src="https://www.cibconline.cibc.com/olb/img/cibc-logo.gif"
width="100" height="82">
Our Valued Customer,
For your security, CIBC Bank has safeguard your account
when there is a
possibility that someone other than you is attempting
to sign on.
You now need to verify your Identity.
To verify your identity, kindly follow
style="font-size: 10pt; font-family: Arial; color: black">
reference below and take the directions to instant
activation.
size="2">
https://www.cibconline.cibc.com/olbtxn/authentication/PreSign
On
face="Tahoma">
face="Arial">Thank you for
helping us to protect you.
color="black" size="2" face="Tahoma">
Security Advisor
color="#006699"face="Arial"size="2">
color=""face="Arial"size="2">The CIBC Online Security
Guarantee
|
This message has been
+'sanitized'. This means that potentially
dangerous content has been rewritten or removed. The following
log describes which actions were taken.
Sanitizer (start="1314111500"):
SanitizeFile (filename="unnamed.html, filetype.html", mimetype="text/html"):
Match (names="unnamed.html, filetype.html", rule="2"):
Enforced policy: accept
Rewrote HTML tag: >>_table id="table3" style="BORDER-COLLAPSE: collapse"
+width="564" border="0"_<<
as: >>_table id="table3" DEFANGED_style="BORDER-COLLAPSE:
+collapse" width="564" border=0_<<
Note: Styles and layers give attackers many tools to fool the
user and common browsers interpret Javascript code found
within style definitions.
Rewrote HTML tag: >>_span style="font-size: 10pt; font-family: Arial;
+color: black"_<<
as: >>_DEFANGED_span style="font-size: 10pt; font-family:
+Arial; color: black"_<<
Rewrote HTML tag: >>_/span_<<
as: >>_/DEFANGED_span_<<
Rewrote HTML tag: >>_/div_<<
as: >>_/p__DEFANGED_div_<<
Total modifications so far: 4
Anomy 0.0.0 : Sanitizer.pm
$Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
|
This message has been
+'sanitized'. This means that potentially dangerous content has been rewritten or removed. The following
log describes which actions were taken.
Sanitizer (start="1314111500"):
SanitizeFile (filename="unnamed.html, filetype.html", mimetype="text/html"):
Match (names="unnamed.html, filetype.html", rule="2"):
Enforced policy: accept
Rewrote HTML tag: >>_table id="table3" style="BORDER-COLLAPSE: collapse"
+width="564" border="0"_<<
as: >>_table id="table3" DEFANGED_style="BORDER-COLLAPSE:
+collapse" width="564" border=0_<<
Note: Styles and layers give attackers many tools to fool the
user and common browsers interpret Javascript code found
within style definitions.
Rewrote HTML tag: >>_span style="font-size: 10pt; font-family: Arial;
+color: black"_<<
as: >>_DEFANGED_span style="font-size: 10pt; font-family:
+Arial; color: black"_<<
Rewrote HTML tag: >>_/span_<<
as: >>_/DEFANGED_span_<<
Rewrote HTML tag: >>_/div_<<
as: >>_/p__DEFANGED_div_<<
Total modifications so far: 4
Anomy 0.0.0 : Sanitizer.pm
$Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
|
This message has been
+'sanitized'. This means that potentially
dangerous content has been rewritten or removed. The following
log describes which actions were taken.
Sanitizer (start="1314111500"):
SanitizeFile (filename="unnamed.html, filetype.html", mimetype="text/html"):
Match (names="unnamed.html, filetype.html", rule="2"):
Enforced policy: accept
Rewrote HTML tag: >>_table id="table3" style="BORDER-COLLAPSE: collapse"
+width="564" border="0"_<<
as: >>_table id="table3" DEFANGED_style="BORDER-COLLAPSE:
+collapse" width="564" border=0_<<
Note: Styles and layers give attackers many tools to fool the
user and common browsers interpret Javascript code found
within style definitions.
Rewrote HTML tag: >>_span style="font-size: 10pt; font-family: Arial;color: black"_<<
as: >>_DEFANGED_span style="font-size: 10pt; font-family:Arial; color: black"_<<
Rewrote HTML tag: >>_/span_<<
as: >>_/DEFANGED_span_<<
Rewrote HTML tag: >>_/div_<<
as: >>_/p__DEFANGED_div_<<
Total modifications so far: 4
Anomy 0.0.0 : Sanitizer.pm
$Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
|