RBC Phish from vmi1535586.contaboserver.net Düsseldorf, North Rhine-Westphalia, Germany
Posted by Dave Yadallee on
Return-path:
Envelope-to: aboo@doctor.nl2k.ab.ca
Delivery-date: Fri, 19 Jan 2024 12:11:03 -0700
Received: from vmi1535586.contaboserver.net ([158.220.124.153]:50485 helo=gki.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rQtap-000000008HT-354e
for aboo@doctor.nl2k.ab.ca;
Fri, 19 Jan 2024 11:27:56 -0700
From: RBC Royal Bank
To: aboo@doctor.nl2k.ab.ca
Subject: DEBIT ALERT: Your Authorization is Required.
Date: 19 Jan 2024 20:26:43 +0200
Message-ID: <20240119202643.B1D522AFBD3971BB@gki.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 5.3
X-Spam_score_int: 53
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Royal Bank of Canada Hello, Your card was used for an Interac
Debit transaction of $200.00 at 1:15 PM ET
Content analysis details: (5.3 points, 5.0 required)
 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.6 HK_RANDOM_ENVFROM      Envelope sender username looks random
 1.0 HK_RANDOM_FROM         From username looks random
 1.7 URIBL_BLACK            Contains an URL listed in the URIBL blacklist
                            [URI: duckdns.org]
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
-0.0 T_SCC_BODY_TEXT_LINE   No description available.
 0.6 HTML_MIME_NO_HTML_TAG  HTML-only message, but there is no HTML tag
 0.3 KHOP_HELO_FCRDNS       Relay HELO differs from its IP's reverse DNS
Subject: {SPAM?} DEBIT ALERT: Your Authorization is Required.
X-Antivirus: AVG (VPS 240118-6, 1/18/2024), Inbound message
X-Antivirus-Status: Clean

[image: …-f8aa-4227-9885-db6e282af326/rbc-logo-shield.svg?v=1700748777920]
Royal Bank of Canada

Hello,
Your card was used for an Interac Debit transaction of $200.00 at 1:15 PM ET
If you did not authorize this transaction you can stop the debit now!
[button: "Stop Debit!", link target ending in .duckdns.org]
Privacy & Security | Legal