2FA Phish from USA Midwest
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 07 Jan 2024 06:53:02 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rMSHf-00000000O7H-0h3c
for dave@doctor.nl2k.ab.ca;
Sun, 07 Jan 2024 05:29:43 -0700
Resent-From: The Doctor
Resent-Date: Sun, 7 Jan 2024 05:29:42 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from cloudhost-10747624.us-midwest-2.nxcli.net ([199.189.225.23]:55934)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rMIPi-00000000K8O-2ji5
for sales@nk.ca;
Sat, 06 Jan 2024 18:57:26 -0700
Received: (qmail 28204 invoked by uid 108); 7 Jan 2024 01:55:52 +0000
Received: from unknown (HELO cloudhost-10747624.us-midwest-2.nxcli.net) (127.0.0.1)
by cloudhost-10747624.us-midwest-2.nxcli.net with SMTP; 7 Jan 2024 01:55:52 +0000
Received: from [10.0.0.4] ([4.232.136.205])
by cloudhost-10747624.us-midwest-2.nxcli.net with ESMTPSA
id zZgqAagEmmXrbQAA1yip+g
(envelope-from)
for; Sun, 07 Jan 2024 01:55:51 +0000
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Reply-To: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
Message-ID: <23d3ba1c13c54b39bfc98fbad705721b@784152eef6.nxcli.io>
X-Priority: 2 (High)
From: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
To: sales@nk.ca
Subject: Immediate Action Required: Enable 2FA for Account Safety
Date: Sun, 07 Jan 2024 01:55:50 +0000
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_1549_61C616DD.35A00B9C"
X-Antivirus: AVG (VPS 240107-2, 1/7/2024), Inbound message
X-Antivirus-Status: Clean
------=_NextPart_000_1549_61C616DD.35A00B9C
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Activate 2-Factor Authentication
Dear sales@nk.ca,
Enhance the security of your account by activating 2-Factor Authentication =
(2FA). This additional layer of protection ensures that only you can access=
your account.
To activate 2FA, click the button below:
Activate 2FA
Thank you for choosing to secure your account with 2FA.
Best Regards,
@2024 M=D0=B5taM=D0=B0sk =E2=80=A2 A Consensys Formation
Questions? Visit our Help Center.
------=_NextPart_000_1549_61C616DD.35A00B9C
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=0A
=3D"en">Activate 2-Factor Authentication =0A
nt=3D"text/html; charset=3Dutf-8" http-equiv=3D"Content-Type">=0A
=3D"GENERATOR" content=3D"MSHTML 11.00.10570.1001">=0A
=3D"#ffffff">
s=3D1 cellPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
lPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
=0A
ellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D"0">=0A
y>=0A =0A
er">=0A
cellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D"0">=0A =
=0A =0A
ff" align=3D"center">=0AActivate 2=
=0A
g=3D"0" width=3D"500" bgcolor=3D"#ffffff" border=3D"0">=0A =
=0A=0A
"left">=0A
IZE: 16px; LINE-HEIGHT: 1.5">Dear sales@nk.ca,=0A
=3D"FONT-SIZE: 16px; LINE-HEIGHT: 1.5">Enhance the security of =0A =
your account by activating 2-Factor Authentication (2FA). This =0A =
additional layer of protection ensures that only you can access your =
=0A account.=0A
-HEIGHT: 1.5">To activate 2FA, click =0A the button below:
-- CTA Button -->=0A
bgcolor=3D"#ffffff" border=3D"0">=0A =0A <=
tr>=0A
PADDING-LEFT: 20px; PADDING-RIGHT: 20px; BACKGROUND-COLOR: #0071eb; border=
-radius: 5px" bgcolor=3D"#ffffff">
ION: none; FONT-WEIGHT: bold; COLOR: #ffffff" href=3D"https://mrsden.dreamh=
osters.com/">Activate 2FA =0A =
=0A
=0A
pacing=3D"0" cellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D=
"0">=0A =0A=0A
lor=3D"#ffffff" align=3D"center">=0A
; COLOR: #ffffff">Questions? Visit our
ne; COLOR: #ffffff" href=3D"[YourHelpCenterLink]">Help =0A Center.=
p> =0A
------=_NextPart_000_1549_61C616DD.35A00B9C--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 07 Jan 2024 06:53:02 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rMSHf-00000000O7H-0h3c
for dave@doctor.nl2k.ab.ca;
Sun, 07 Jan 2024 05:29:43 -0700
Resent-From: The Doctor
Resent-Date: Sun, 7 Jan 2024 05:29:42 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from cloudhost-10747624.us-midwest-2.nxcli.net ([199.189.225.23]:55934)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rMIPi-00000000K8O-2ji5
for sales@nk.ca;
Sat, 06 Jan 2024 18:57:26 -0700
Received: (qmail 28204 invoked by uid 108); 7 Jan 2024 01:55:52 +0000
Received: from unknown (HELO cloudhost-10747624.us-midwest-2.nxcli.net) (127.0.0.1)
by cloudhost-10747624.us-midwest-2.nxcli.net with SMTP; 7 Jan 2024 01:55:52 +0000
Received: from [10.0.0.4] ([4.232.136.205])
by cloudhost-10747624.us-midwest-2.nxcli.net with ESMTPSA
id zZgqAagEmmXrbQAA1yip+g
(envelope-from
for
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Reply-To: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
Message-ID: <23d3ba1c13c54b39bfc98fbad705721b@784152eef6.nxcli.io>
X-Priority: 2 (High)
From: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
To: sales@nk.ca
Subject: Immediate Action Required: Enable 2FA for Account Safety
Date: Sun, 07 Jan 2024 01:55:50 +0000
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_1549_61C616DD.35A00B9C"
X-Antivirus: AVG (VPS 240107-2, 1/7/2024), Inbound message
X-Antivirus-Status: Clean
------=_NextPart_000_1549_61C616DD.35A00B9C
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Activate 2-Factor Authentication
Dear sales@nk.ca,
Enhance the security of your account by activating 2-Factor Authentication =
(2FA). This additional layer of protection ensures that only you can access=
your account.
To activate 2FA, click the button below:
Activate 2FA
Thank you for choosing to secure your account with 2FA.
Best Regards,
@2024 M=D0=B5taM=D0=B0sk =E2=80=A2 A Consensys Formation
Questions? Visit our Help Center.
------=_NextPart_000_1549_61C616DD.35A00B9C
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=0A
=3D"en">
nt=3D"text/html; charset=3Dutf-8" http-equiv=3D"Content-Type">=0A
=3D"GENERATOR" content=3D"MSHTML 11.00.10570.1001">=0A
=3D"#ffffff">
s=3D1 cellPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
lPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
=C2=A0
=0Aellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D"0">=0A
y>=0A
er">=0A
cellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D"0">=0A =
ff" align=3D"center">=0A
Activate 2=
-Factor =0A Authentication
g=3D"0" width=3D"500" bgcolor=3D"#ffffff" border=3D"0">=0A =
=0A
"left">=0A
order=3D"0" src=3D"https://theme.zdassets.com/theme_assets/2313093/bad730fb=
4fa8145bf225c509b343cc23f951c2e9.svg">
IZE: 16px; LINE-HEIGHT: 1.5">Dear sales@nk.ca,=0A
=3D"FONT-SIZE: 16px; LINE-HEIGHT: 1.5">Enhance the security of =0A =
your account by activating 2-Factor Authentication (2FA). This =0A =
additional layer of protection ensures that only you can access your =
=0A account.=0A
-HEIGHT: 1.5">To activate 2FA, click =0A the button below:
-- CTA Button -->=0A
bgcolor=3D"#ffffff" border=3D"0">=0A
tr>=0A
PADDING-LEFT: 20px; PADDING-RIGHT: 20px; BACKGROUND-COLOR: #0071eb; border=
-radius: 5px" bgcolor=3D"#ffffff">
ION: none; FONT-WEIGHT: bold; COLOR: #ffffff" href=3D"https://mrsden.dreamh=
osters.com/">Activate 2FA =0A =
=0A
Thank you for=
choosing =0A to secure your account with 2FA.
Best Regards,
s=3D"Footer__PolicyCopyLink-sc-rarfco-3 jrzEXq paragraph">@2024 =0A =
M=D0=B5taM=D0=B0sk =E2=80=A2 A Consensys Formation
=0A
pacing=3D"0" cellpadding=3D"0" width=3D"100%" bgcolor=3D"#ffffff" border=3D=
"0">=0A =0A
lor=3D"#ffffff" align=3D"center">=0A
; COLOR: #ffffff">Questions? Visit our
ne; COLOR: #ffffff" href=3D"[YourHelpCenterLink]">Help =0A Center.=
p>
------=_NextPart_000_1549_61C616DD.35A00B9C--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments