NetFlix Phish from Lansing Michigan

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 30 Jul 2024 14:59:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sYtv0-0000000090n-0yes

for dave@doctor.nl2k.ab.ca;

Tue, 30 Jul 2024 14:58:02 -0600

Resent-From: The Doctor

Resent-Date: Tue, 30 Jul 2024 14:58:02 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from cloudhost-10356436.uk-south-2.nxcli.net ([87.76.28.82]:25922)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sYrqU-00000000CFE-2f9y

for sales@nk.ca;

Tue, 30 Jul 2024 12:45:19 -0600

Received: (qmail 13453 invoked by uid 10037); 30 Jul 2024 17:15:24 +0100

Date: Tue, 30 Jul 2024 16:11:05 +0000

To: sales@nk.ca

From: Netflix Support Team

Reply-To: notifications@netflix-support.com

Subject: Important Notice Regarding Your Netflix Account

Message-ID:

List-Unsubscribe: mailto:bounce307-gNCvxbsqk9PXi7o@netflix.com?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1cf7f266b6d9ac81ee52024d83c7a5f06"

Content-Transfer-Encoding: 8bit

X-Spam_score: 19.1

X-Spam_score_int: 191

X-Spam_bar: +++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Account Notification body { font-family: 'Arial', sans-serif;

background-color: #fff; margin: 0; padding: 20px; color: #333; } .container

{ background-color: #f8f8f8; border: 1px solid #e0e0e0; padding: 20px; max-width:

[...]



Content analysis details: (19.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[87.76.28.82 listed in dnsbl.ahbl.org]

[87.76.28.82 listed in dnsbl.ahbl.org]

[87.76.28.82 listed in dnsbl.ahbl.org]

[87.76.28.82 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[87.76.28.82 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[87.76.28.82 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[87.76.28.82 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[87.76.28.82 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

[87.76.28.82 listed in will-spam-for-food.eu.org]

1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,

https://senderscore.org/blocklistlookup/

[87.76.28.82 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[87.76.28.82 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[87.76.28.82 listed in wl.mailspike.net]

1.5 NIX_SPAM RBL: Listed in NIX_SPAM DNSBL (thanks to heise.de)

[87.76.28.82 listed in ix.dnsbl.manitu.net]

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 HTML_IMAGE_ONLY_24 BODY: HTML: images with 2000-2400 bytes of words

2.0 US_8BIT US-ASCII isn't an eight bit charset

1.5 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts

suspended", "account credited", "account

verification"

0.9 URI_PHISH Phishing using web form

1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)

0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%

[cf: 100]

2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level

above 50%

[cf: 100]

Subject: {SPAM?} Important Notice Regarding Your Netflix Account



This is a multi-part message in MIME format.



--1cf7f266b6d9ac81ee52024d83c7a5f06

Content-Type: text/plain; charset=us-ascii













Account Notification



body {

font-family: 'Arial', sans-serif;

background-color: #fff;

margin: 0;

padding: 20px;

color: #333;

}

.container {

background-color: #f8f8f8;

border: 1px solid #e0e0e0;

padding: 20px;

max-width: 600px;

margin: 20px auto;

box-shadow: 0 2px 4px rgba(0,0,0,0.1);

}

h1 {

color: #E50914;

}

p {

font-size: 16px;

line-height: 1.5;

}

a {

display: block;

width: max-content;

background-color: #E50914;

color: white;

padding: 10px 20px;

text-align: center;

text-decoration: none;

margin-top: 20px;

border-radius: 4px;

}

.footer {

font-size: 12px;

text-align: center;

color: #777;

margin-top: 20px;

}

.logo {

text-align: center;

margin-bottom: 20px;

}

.logo img {

width: 50px; / Adjust the size as needed /

}















Important Account Notice

Dear Subscriber,

We've noticed that your latest subscription payment has not been received. To continue enjoying your service without interruption, please update your payment details promptly.

If we do not receive payment by the due date, your account will be temporarily suspended.

Update Payment Details

If you have any questions or need assistance, please contact our customer support.



Thank you for choosing our service,



The Support Team











--1cf7f266b6d9ac81ee52024d83c7a5f06

Content-Type: text/html; charset=us-ascii













Account Notification











Important Account Notice



Dear Subscriber,



We've noticed that your latest subscription payment has not been received. To continue enjoying your service without interruption, please update your payment details promptly.



If we do not receive payment by the due date, your account will be temporarily suspended.



Update Payment Details

If you have any questions or need assistance, please contact our customer support.

















--1cf7f266b6d9ac81ee52024d83c7a5f06--

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA