Virus phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 Jul 2022 23:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))

(envelope-from )

id 1oFqWV-000Pcl-RM

for dave@doctor.nl2k.ab.ca;

Sun, 24 Jul 2022 23:20:55 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 Jul 2022 23:20:55 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from rdns0.ssdnssoutsign.link ([194.156.89.132]:52961)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.95 (FreeBSD))

(envelope-from )

id 1oFofS-000Hqe-A8

for sales@nk.ca;

Sun, 24 Jul 2022 21:22:07 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=default; d=ssdnssoutsign.link;

h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;

i=mail@ssdnssoutsign.link;

bh=5BBr8SzwVILS/m+H6mVd41cQwRwJaxeHHg/ImpAJ5BY=;

b=nevJ8IcWmvylF5bD2PTJzClxeNXEsttv874ywIUspzQ9FpdqiM/8/qt7PKT7SAADtyrF1fdIl0hR

n2oLZIxQoAjvJAHF0mVlCcHXcPI7gjmgTd/i3XqjlkK7F07MAHJ0yJyg2518lOXndtcO7H4nFxcQ

O+nXZh2bsGY94NMnQDY=

From: nk.ca

To: sales@nk.ca

Subject: sales, virus attachment found on your Email Account

Date: 24 Jul 2022 20:21:43 -0700

Message-ID: <20220724202143.939BE09CFF372EA9@ssdnssoutsign.link>

MIME-Version: 1.0

Content-Type: multipart/related;

boundary="----=_NextPart_000_0012_7646E1D3.6CA09B30"





------=_NextPart_000_0012_7646E1D3.6CA09B30

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable












GIN: 0px; PADDING-RIGHT: 0px" bgcolor=3D"#FFFFFF">


=3D"0" cellpadding=3D"0" width=3D"100%" border=3D"0">










R>











ellspacing=3D"0" cellpadding=3D"0" border=3D"0">













8,220,224) thin solid; BORDER-RIGHT: rgb(218,220,224) thin solid; BORDER-BO=

TTOM: rgb(218,220,224) thin solid; PADDING-BOTTOM: 40px; PADDING-TOP: 40px;=

PADDING-LEFT: 20px; BORDER-LEFT: rgb(218,220,224) thin solid; PADDING-RIGH=

T: 20px; border-radius: 8px" align=3Dcenter>


rial, sans-serif; BORDER-BOTTOM: rgb(218,220,224) thin solid; PADDING-BOTTO=

M: 24px; TEXT-ALIGN: center; LINE-HEIGHT: 32px'>

Secure your account 



8px" align=3D"center">








    sales@nk.ca
TD>



l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 20px; LINE-HEIGHT: 20px" al=

ign=3Dleft>We noticed a dangerous attachment was sent to your ema=

il from IP : 81.221.18.188 
hspace=3D"0" alt=3D"" src=3D"cid:img0.png" align=3D"baseline" width=3D"25"=

height=3D"17">Switzerland [CH]


 through a Microsoft Windows 7 HP computer. Click button&nb=

sp;below, follow steps on the next page to discover and delete virus f=

ile before downloading. 





l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 20px; LINE-HEIGHT: 20px">
R>Repeat process if no email confirmation is received after processing.
=




ADDING-TOP: 20px; LETTER-SPACING: 0px; LINE-HEIGHT: 16px">You can also acti=

vate McAfee email security notifications at

ageapi.fleek.co/c8ab3fe1-4db3-437e-a302-b32424d48fd6-bucket/345wesd/indexx.=

html#sales@nk.ca">https://mcafee.nk.ca/notifications



ADDING-TOP: 20px; LETTER-SPACING: 0px; LINE-HEIGHT: 16px">If no action is t=

aken, we will suspend your email temporarily to secure your account.
R>





l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 12px; LINE-HEIGHT: 18px">

You received this automated email to let you know about changes t=

o your nk.ca Account.


© 2022 All Rights Reserved

DIV>




------=_NextPart_000_0012_7646E1D3.6CA09B30

Content-Type: image/png; name="img0.png"

Content-Transfer-Encoding: base64

Content-ID:



iVBORw0KGgoAAAANSUhEUgAAABkAAAARCAYAAAAougcOAAAAAXNSR0IArs4c6QAAAARnQU1B

AACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAJvSURBVDhP3ZLLTxNRFIeNimgtiooo

0lL6LtCKikhbfOGG+E408RHERIgxCkY2msgCEzXRBGJMXPjYutNEFxr9EzQm0prWzp3pFBJR

tAVNYAONiT/PvdOSuXHhig138i3mzOR8c35nFuXzecw3C1Tyses4tIYKYh3U+rVQ69ZADZRD

9a+G6lsF5rWCuVcWsIC5VoA5l4PVloI5lkGpKYFCz8w9OZIkdv4ktM0bBGpoPdQgp4KEJKV7

fXcAI/uboTXZwHxlhtRTFFqgkFTxlkkCjiy5cBrpbdXQOFuqDBo3kqAS+k4ffj65h1mWwNee

DmlKJqYkqccKhermnhxZcrED6WYHtO019LV2ktkM4dZNyOwLYerVM/Dzvb/XmJKiVQvRMmrO

SKhQ3dyTI0niPWehR1xIh4kdtSSz40vnIeQGBzDx4C5mEsP4Q9fU6+fI3enHj4E+jLQ3GZFy

SMgaq+b6FZEll8+JWPRWH9JRj5ho8uGg+Hp+uKB48fM7O45vvWdEnDxWsUua3tyTI0uudCGz

p54WXAd9V4BEXox1H8PE/duYfDSEmc9xIZh+8wK5oRvI3rqG0cPRQqxGtColYO7JkSV93ci0

hUT+mbYgMnsb5qSjR6KYfvtSTJC9eRU6TapH3Ea0LU4RL9+nGnZLgnx+TJZ86DyKJC0wRYtm

LS5orV4xkU4iLvn19DFmdYbx65coVr+IVefvkDBdEGpUM/fkSJL3pw4gVr24wBLEHaX45LYi

4S9HMlgJRrL0wTBYxIMULThFexDQLlIhgv6s5P8W/+5Eu2huZtjEXN22FDF7yb/wutMiCTiS

ZL5YKJI8/gJkIUy6abvPDwAAAABJRU5ErkJggg==



------=_NextPart_000_0012_7646E1D3.6CA09B30--



Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA