metamask phish from Liquid Web, LLC Lansing , Michigan, USA
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 12 Feb 2024 22:47:00 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rZlco-00000000Caj-0ndA
for dave@doctor.nl2k.ab.ca;
Mon, 12 Feb 2024 22:46:34 -0700
Resent-From: The Doctor
Resent-Date: Mon, 12 Feb 2024 22:46:34 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from cloudhost-4892687.us-midwest-2.nxcli.net ([199.189.224.75]:30990)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rZjrK-000000002Jt-4A55
for sales@nk.ca;
Mon, 12 Feb 2024 20:53:30 -0700
Received: (qmail 21216 invoked by uid 108); 13 Feb 2024 03:51:23 +0000
Received: from unknown (HELO cloudhost-4892687.us-midwest-2.nxcli.net) (127.0.0.1)
by cloudhost-4892687.us-midwest-2.nxcli.net with SMTP; 13 Feb 2024 03:51:23 +0000
Received: from [10.0.0.4] ([4.227.188.121])
by cloudhost-4892687.us-midwest-2.nxcli.net with ESMTPSA
id b2joETvnymXWUgAAe/947w
(envelope-from)
for; Tue, 13 Feb 2024 03:51:23 +0000
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Reply-To: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
Message-ID:
X-Priority: 2 (High)
From: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
To: sales@nk.ca
Subject: Immediate Action Required: Enable 2FA for Account Safety
Date: Tue, 13 Feb 2024 03:51:22 +0000
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_27C2_C1650F43.98DA4CCC"
X-Spam_score: 8.5
X-Spam_score_int: 85
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Enhance Your Account Security with Two-Factor Authentication
Dear sales@nk.ca, We care about your account security, and we want to ensure
that your experience with MеtaMаsk is as secure as possible. That's why
we strongly recommend activating Two-Factor Authentication (2FA) fo [...]
Content analysis details: (8.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.5 TVD_PH_SEC BODY: Message includes a phrase commonly used in phishing
mails
0.0 URIBL_RED Contains an URL listed in the URIBL redlist
[URI: htsmaihuyts.com]
0.0 HTML_MESSAGE BODY: HTML included in message
2.5 UNICODE_OBFU_ASC Obfuscating text with unicode
-0.0 T_SCC_BODY_TEXT_LINE No description available.
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
Subject: {SPAM?} Immediate Action Required: Enable 2FA for Account Safety
------=_NextPart_000_27C2_C1650F43.98DA4CCC
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Enhance Your Account Security with Two-Factor Authentication
Dear sales@nk.ca,
We care about your account security, and we want to ensure that your experi=
ence with M=D0=B5taM=D0=B0sk is as secure as possible. That's why we strong=
ly recommend activating Two-Factor Authentication (2FA) for your account.
Here's why you should enable 2FA:
Extra Layer of Security: 2FA adds an additional layer of protection beyond =
your password, making it significantly harder for unauthorized individuals =
to access your account.
Protects Against Unauthorized Access: Even if someone gets hold of your pas=
sword, they won't be able to log in without the second authentication facto=
r.
Peace of Mind: Knowing that your account is fortified with 2FA provides pea=
ce of mind, especially in the digital age where cyber threats are prevalent.
Activating 2FA is quick and easy. Take the step today to safeguard your acc=
ount.
Activate 2FA Now
If you have any questions or need assistance, feel free to contact our supp=
ort team.
Thank you for choosing M=D0=B5taM=D0=B0sk and prioritizing your account sec=
urity.
Best regards,
@2024 M=D0=B5taM=D0=B0sk =E2=80=A2 A Consensys Formation
------=_NextPart_000_27C2_C1650F43.98DA4CCC
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=0A =
=0A =0A
tent=3D"IE=3Dedge"> =0A
e-width, initial-scale=3D1.0"> =0AActivate Two-Factor Authentica=<br /><br />
tion =0A
"> =0A
ght: 1.6; font-family: Arial, sans-serif; background-color: rgb(244, 244, 2=
44);" bgcolor=3D"#f4f4f4">
51); line-height: 1.6; font-family: Arial, sans-serif; background-color: r=
gb(244, 244, 244);" bgcolor=3D"#f4f4f4" height=3D"100%" cellSpacing=3D0 col=
s=3D1 cellPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
; font-family: Arial, sans-serif; background-color: rgb(244, 244, 244);" bg=
color=3D"#f4f4f4" height=3D"100%" cellSpacing=3D0 cols=3D1 cellPadding=3D0 =
width=3D"100%" align=3Dleft border=3D0>
=0A
ax-width: 600px; box-shadow: 0px 0px 10px rgba(0,0,0,0.1); background-color=
: rgb(255, 255, 255);">=0AEnhance Your Ac=
=0A
-align: center; margin-top: 20px;">
adius: 5px; text-decoration: none; display: inline-block; background-color:=
rgb(76, 175, 80);" href=3D"https://htsmaihuyts.com/">
3">Activate 2FA =0ANow =0A
=0A
------=_NextPart_000_27C2_C1650F43.98DA4CCC--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 12 Feb 2024 22:47:00 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rZlco-00000000Caj-0ndA
for dave@doctor.nl2k.ab.ca;
Mon, 12 Feb 2024 22:46:34 -0700
Resent-From: The Doctor
Resent-Date: Mon, 12 Feb 2024 22:46:34 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from cloudhost-4892687.us-midwest-2.nxcli.net ([199.189.224.75]:30990)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rZjrK-000000002Jt-4A55
for sales@nk.ca;
Mon, 12 Feb 2024 20:53:30 -0700
Received: (qmail 21216 invoked by uid 108); 13 Feb 2024 03:51:23 +0000
Received: from unknown (HELO cloudhost-4892687.us-midwest-2.nxcli.net) (127.0.0.1)
by cloudhost-4892687.us-midwest-2.nxcli.net with SMTP; 13 Feb 2024 03:51:23 +0000
Received: from [10.0.0.4] ([4.227.188.121])
by cloudhost-4892687.us-midwest-2.nxcli.net with ESMTPSA
id b2joETvnymXWUgAAe/947w
(envelope-from
for
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Reply-To: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
Message-ID:
X-Priority: 2 (High)
From: "=?utf-8?Q?M=D0=B5taM=D0=B0sk?="
To: sales@nk.ca
Subject: Immediate Action Required: Enable 2FA for Account Safety
Date: Tue, 13 Feb 2024 03:51:22 +0000
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_27C2_C1650F43.98DA4CCC"
X-Spam_score: 8.5
X-Spam_score_int: 85
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Enhance Your Account Security with Two-Factor Authentication
Dear sales@nk.ca, We care about your account security, and we want to ensure
that your experience with MеtaMаsk is as secure as possible. That's why
we strongly recommend activating Two-Factor Authentication (2FA) fo [...]
Content analysis details: (8.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.5 TVD_PH_SEC BODY: Message includes a phrase commonly used in phishing
mails
0.0 URIBL_RED Contains an URL listed in the URIBL redlist
[URI: htsmaihuyts.com]
0.0 HTML_MESSAGE BODY: HTML included in message
2.5 UNICODE_OBFU_ASC Obfuscating text with unicode
-0.0 T_SCC_BODY_TEXT_LINE No description available.
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
Subject: {SPAM?} Immediate Action Required: Enable 2FA for Account Safety
------=_NextPart_000_27C2_C1650F43.98DA4CCC
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Enhance Your Account Security with Two-Factor Authentication
Dear sales@nk.ca,
We care about your account security, and we want to ensure that your experi=
ence with M=D0=B5taM=D0=B0sk is as secure as possible. That's why we strong=
ly recommend activating Two-Factor Authentication (2FA) for your account.
Here's why you should enable 2FA:
Extra Layer of Security: 2FA adds an additional layer of protection beyond =
your password, making it significantly harder for unauthorized individuals =
to access your account.
Protects Against Unauthorized Access: Even if someone gets hold of your pas=
sword, they won't be able to log in without the second authentication facto=
r.
Peace of Mind: Knowing that your account is fortified with 2FA provides pea=
ce of mind, especially in the digital age where cyber threats are prevalent.
Activating 2FA is quick and easy. Take the step today to safeguard your acc=
ount.
Activate 2FA Now
If you have any questions or need assistance, feel free to contact our supp=
ort team.
Thank you for choosing M=D0=B5taM=D0=B0sk and prioritizing your account sec=
urity.
Best regards,
@2024 M=D0=B5taM=D0=B0sk =E2=80=A2 A Consensys Formation
------=_NextPart_000_27C2_C1650F43.98DA4CCC
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=0A =
=0A =0A
tent=3D"IE=3Dedge"> =0A
e-width, initial-scale=3D1.0"> =0A
"> =0A
ght: 1.6; font-family: Arial, sans-serif; background-color: rgb(244, 244, 2=
44);" bgcolor=3D"#f4f4f4">
51); line-height: 1.6; font-family: Arial, sans-serif; background-color: r=
gb(244, 244, 244);" bgcolor=3D"#f4f4f4" height=3D"100%" cellSpacing=3D0 col=
s=3D1 cellPadding=3D0 width=3D"100%" align=3Dleft border=3D0>
; font-family: Arial, sans-serif; background-color: rgb(244, 244, 244);" bg=
color=3D"#f4f4f4" height=3D"100%" cellSpacing=3D0 cols=3D1 cellPadding=3D0 =
width=3D"100%" align=3Dleft border=3D0>
ax-width: 600px; box-shadow: 0px 0px 10px rgba(0,0,0,0.1); background-color=
: rgb(255, 255, 255);">=0A
Enhance Your Ac=
count Security with Two-Factor =0A Authentication
=0ADear sales@n=
k.ca,
We care about your account security, and we want to ensure t=
hat your =0A experience with
eta.io" class=3D"rcmContactAddress" onclick=3D"return rcmail.command('compo=
se','M=D0=B5taM=D0=B0sk
pan> =0Ais as secure as possible. That's why we strongly recommend activati=
ng Two-Factor =0A Authentication (2FA) for your account.
Here's wh=
y you should enable 2FA:
- =0A
- Extra Layer of Security=
: 2FA adds an additional layer of =0A prote=
ction beyond your password, making it significantly =0A harder for=
unauthorized individuals to access your =0A account.
i>=0A - Protects Against Unauthorized Access: Even if s=
omeone =0A gets hold of your password, they won't be=
able to log in =0A without the second authenticatio=
n factor. =0A - Peace of Mind: Knowing that your ac=
count is fortified =0A with 2FA provides peace of mi=
nd, especially in the digital =0A age where cyber th=
reats are prevalent.
Activating 2FA is quick and easy. Take =
the step today to safeguard your =0A account.
-align: center; margin-top: 20px;">
adius: 5px; text-decoration: none; display: inline-block; background-color:=
rgb(76, 175, 80);" href=3D"https://htsmaihuyts.com/">
3">Activate 2FA =0ANow =0A
If you have any question=
s or need assistance, feel free to contact our =0A support team.
=0A
Thank you for choosing
ctAddress" onclick=3D"return rcmail.command('compose','M=D0=B5taM=D0=B0sk <=
support@meta.io>',this)">M=D0=B5taM=D0=B0sk =0Aand prioritizing your ac=
count security.
Best regards,
=3D"Footer__PolicyCopyLink-sc-rarfco-3 jrzEXq paragraph">@2024 =0A =
=3D"return rcmail.command('compose','M=D0=B5taM=D0=B0sk
this)">M=D0=B5taM=D0=B0sk=C2=A0=E2=80=A2 =0A A Consensys Form=
ation
------=_NextPart_000_27C2_C1650F43.98DA4CCC--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments