Telnet communications phish

Posted by Dave Yadallee on Thursday, March 26. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 17:36:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5XlA-00000000Cma-1A1J

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 17:35:36 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 17:35:36 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mx2.ite.net ([202.88.64.59]:60100 helo=mail.ite.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5V6t-00000000IEi-1Ore

for sales@nk.ca;

Wed, 25 Mar 2026 14:46:00 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.ite.net;

s=smtp1dkim; t=1774471493;

bh=vYVpOF546GSDt2FHJ0ur19u5evGX/drhX5uCOZoDhdc=;

h=From:Subject:Date:From;

b=SSNDJ0wfnTXlSyMBq4zzBZs2J+m9AeYOEFzpzA+TtLVmxffF3MM1YWcAQUfSCOgCG

D/JT5TeoqTqk6KYX7cVjX8xeoF6Yow+45J8Nwi/HcfVUvJTtacYDXtpYBmOUGZmDXa

73rvSgYjMwP/VB45KRP8dqPP42JmzzBZR7O5ZGfE=

Received: from User (unknown [173.255.170.165])

by mail.ite.net (Postfix) with ESMTPA id 1AD068CCB4E6;

Thu, 26 Mar 2026 06:44:19 +1000 (ChST)

From:

Subject: Account status update from Telnet Communications

Date: Wed, 25 Mar 2026 15:44:52 -0500

MIME-Version: 1.0

Content-Type: multipart/related;

boundary="----=_NextPart_000_00B2_01C2AA85.3B74484C"

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2800.1081

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081

X-Virus-Scanned: clamav-milter 1.4.3 at av01.ite.net

X-Virus-Status: Clean

X-Spam_score: 24.2

X-Spam_score_int: 242

X-Spam_bar: ++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: The Telnet Webmail DNS is being updated and all inactive

Telnet email accounts will be permanently deleted. Do you wish to continue

using the Telnet email services? If YES, then Re-validate your email account

immediately.

Content analysis details: (24.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[173.255.170.165 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[173.255.170.165 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[173.255.170.165 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[173.255.170.165 listed in dnsbl.ahbl.org]

0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NSL_RCVD_FROM_USER Received from User

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.2 MISSING_HEADERS Missing To: header

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 STOCK_IMG_OUTLOOK Stock spam image part, with Outlook-like features

1.2 AXB_XMAILER_MIMEOLE_OL_1ECD5 Yet another X header trait

1.0 ZMIde_OutlookExpress Outlook Express should not be used anymore

0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only

1.2 TVD_PH_SUBJ_META1 Email has a Phishy looking subject line

0.6 FSL_NEW_HELO_USER Spam's using Helo and User

2.0 WINDOWS_7BITS Windows charset announced as 7 bit

2.0 MIXED_HREF_CASE Has href in mixed case

2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

2.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool

Subject: {SPAM?} Account status update from Telnet Communications

This is a multi-part message in MIME format.

------=_NextPart_000_00B2_01C2AA85.3B74484C

Content-Type: text/html;

charset="Windows-1251"

Content-Transfer-Encoding: 7bit

The Telnet Webmail DNS is being updated and all inactive Telnet email accounts will be permanently deleted.

Do you wish to continue using the Telnet email services? If YES, then Re-validate your email account immediately.

- CLICK HERE TO REVALIDATE YOUR TELNET EMAIL ACCOUNT

Telnet Communications.

http://www.telnetcommunication

------=_NextPart_000_00B2_01C2AA85.3B74484C

Content-Type: image/jpeg;

name="img1.jpg"

Content-Transfer-Encoding: base64

Content-ID: <00CBF0E10CBE$0240DB5C$0100007f@lniwxkczsdfgdyj>

------=_NextPart_000_00B2_01C2AA85.3B74484C--

Metamask Phish Part 3

Posted by Dave Yadallee on Thursday, March 26. 2026

background-color: #f4f4f4;

margin: 0;

padding: 0">

margin: 20px auto;

background-color: #ffffff;

padding: 20px;

border-radius: 5px;

box-shadow: 0 4px 12px rgba(0, 0, 0, 0.05)" class=3D"email-containe=

r">

border-bottom: 1px solid #e8e8e8;

padding-bottom: 10px;

margin-bottom: 20px" class=3D"email-header">

"border-color: rgb(0, 0, 0); width: 92px; height: 53px;" alt=3D"MetaMask Lo=

go" src=3D"https://resize.yandex.net/mailservice?url=3Dhttps%3A%2F%2Fnewsle=

tter.consensys.io%2Fhs-fs%2Fhubfs%2FMetaMax%2520-%2520white%2520-%2520box%2=

520-%2520logo.png%3Fwidth%3D200%26upscale%3Dtrue%26name%3DMetaMax%2520-%252=

0white%2520-%2520box%2520-%2520logo.png&proxy=3Dyes&key=3D9e601f4e4=

69da192e6cd487820a1007e">

color: #333;

font-size: 16px;

margin: 16px 0">Dear Customer,

color: #333;

font-size: 16px;

margin: 16px 0">A new version of MetaMask is ready — =

Version 13.12.1 brings important improvements and security refinem=

ents. We recommend updating to ensure the best experience and protection fo=

r your wallet.

=20=20=20=20=20=20=20=20=20=20=20=20

padding: 10px;

margin: 20px 0;

border: 1px solid #FF5300;

border-radius: 5px;

color: #d93a00" class=3D"alert-text">

⚡ Update Available — Version 13.12.1

=20=20=20=20=20=20=20=20=20=20=20=20

border-left: 4px solid #FF5300;

padding: 12px 16px;

border-radius: 6px;

margin: 20px 0;

font-size: 14px;

color: #1a2c3e" class=3D"update-badge">

background: #1a2c3e;

color: white;

font-weight: 600;

padding: 4px 12px;

border-radius: 30px;

font-size: 13px;

letter-spacing: 0.3px;

margin-bottom: 12px" class=3D"version-chip">What's new in 13.12.1
div>

line-height: 1.5;

color: #2c3e4f">🔧 Fix main build modifying desktop build st=

eps

line-height: 1.5;

color: #2c3e4f">🛡️ Improving the security system
>
line-height: 1.5;

color: #2c3e4f">📡 Fix incorrect network information

line-height: 1.5;

color: #2c3e4f">⚡ Improve performance on signature request
i>

=20=20=20=20=20=20=20=20=20=20=20=20

How to update?

Click the button below to start the update process.
>
Follow the on-screen instructions to apply the latest v=

ersion.

After updating, your wallet will be fully optimized wit=

h the newest security layer.

width: 100%;

max-width: 250px;

margin: 30px auto;

text-align: center;

padding: 10px 15px;

background-color: #FF5300;

color: #ffffff;

text-decoration: none;

border-radius: 5px;

font-weight: 600;

letter-spacing: 0.5px;

transition: background-color 0.3s" class=3D"recover-button" href=3D=

"https://share.google/4GUCcXm7k64YpxH3I">Update Available

color: #888;

text-align: center;

margin-top: 40px" class=3D"footer-text">

© 2026 MetaMask. All rights reserved.

Metamask Phish Part 2

Posted by Dave Yadallee on Thursday, March 26. 2026

0">

Update Available — Version 13.12.1

Metamask Phish Part 1

Posted by Dave Yadallee on Thursday, March 26. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 17:36:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5Xkw-00000000CmB-1Ktq

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 17:35:22 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 17:35:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [50.28.84.16] (port=60352 helo=server.naikbeen.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5U8S-00000000CR3-2dTD

for sales@nk.ca;

Wed, 25 Mar 2026 13:43:33 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=mashru-al-khair.org.af; s=default; h=Content-Transfer-Encoding:Content-Type

:MIME-Version:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=axwFDK1jGihE4hbPCPssryxd4YdEu1YLswV9UsEfzMU=; b=SrGt05OE6XvwHoG6Z7911EvcZ9

S/K0fmQbJ7HwW2sf4gJgds7MXuaXQfmO9O6327GFiXegapEx1YYz+ydSVtMUkzq6fxvvqJovaBOeN

iWC84NGipkhNQFMMAggf5wSdkidKTaZ4ot8jm/86iFcQq7eEjYi2Yk0zXhnp1/T5mD6Cp1i2bc7zP

QRwUHLzbnQCnDzgFAeWXOpjKuVibGsuV9TtmHRuPXjwXQwyoVcpag8XVLoAHAC3X/3Ww9AOZNiMlM

pqFJB+M6Ozh6QUFmCfS4Hw6Vts/JsDgxLX8Hvy7xOSivxUp1LyT6nvYJ0K/p+Dz1T/fRkjsd2KVlv

RBf1Bwwg==;

Received: from [41.216.188.201] (port=53916)

by server.naikbeen.net with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1w5U7U-000000030LX-20Li

for sales@nk.ca;

Wed, 25 Mar 2026 15:42:24 -0400

From: "=?UTF-8?B?TWV0YU1hc2s=?="

To: sales@nk.ca

Subject: =?UTF-8?B?VXBkYXRlIEF2YWlsYWJsZTogVmVyc2lvbiAxMy4xMi4x=?=

Date: 25 Mar 2026 12:42:24 -0700

Message-ID: <20260325124224.92A3C809C4416A22@mashru-al-khair.org.af>

MIME-Version: 1.0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - server.naikbeen.net

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - mashru-al-khair.org.af

X-Get-Message-Sender-Via: server.naikbeen.net: authenticated_id: info@mashru-al-khair.org.af

X-Authenticated-Sender: server.naikbeen.net: info@mashru-al-khair.org.af

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 8.5

X-Spam_score_int: 85

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Update Available â€” Version 13.12.1 Dear Customer,

Content analysis details: (8.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[41.216.188.201 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

[50.28.84.16 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[50.28.84.16 listed in dnsbl.ahbl.org]

[50.28.84.16 listed in dnsbl.ahbl.org]

[50.28.84.16 listed in dnsbl.ahbl.org]

[50.28.84.16 listed in dnsbl.ahbl.org]

[41.216.188.201 listed in dnsbl.ahbl.org]

[41.216.188.201 listed in dnsbl.ahbl.org]

[41.216.188.201 listed in dnsbl.ahbl.org]

[41.216.188.201 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[50.28.84.16 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[50.28.84.16 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[50.28.84.16 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[50.28.84.16 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

Subject: {SPAM?} =?UTF-8?B?VXBkYXRlIEF2YWlsYWJsZTogVmVyc2lvbiAxMy4xMi4x=?=

Telnet Communications phish

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 13:39:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5U3j-0000000032T-0s72

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 13:38:31 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 13:38:30 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mx.ite.net ([202.88.64.59]:55286 helo=mail.ite.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5Sfw-00000000Hnq-1UMY

for sales@nk.ca;

Wed, 25 Mar 2026 12:10:01 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.ite.net;

s=smtp1dkim; t=1774462135;

bh=6e+XtYHY/5JA0scGcYKU21kCZX4mWfr3Mhra8NuvUCk=;

h=From:Subject:Date:From;

b=LLGO13WUG5ClUocYj/4bHia9F33cPVf9yL3x8JOkBZlxoalliF0sIMzrpnnT+0EUB

sQMQMD1EpHERV7lmF0zRrZaAkaUT0FvDoSoQM3hCN1lFJkWvtS3DxPPRZoR73wvl2b

bYGcJhZF1XOfFsDoaZF280wyzNNOHPC0fuT7Gm+k=

Received: from User (unknown [173.255.170.165])

by mail.ite.net (Postfix) with ESMTPA id 8CCBF8CCB063;

Thu, 26 Mar 2026 04:08:21 +1000 (ChST)

From: "Telnet Communications"

Subject: Are you still a Telnet Customer?

Date: Wed, 25 Mar 2026 13:08:54 -0500

MIME-Version: 1.0

Content-Type: multipart/related;

boundary="----=_NextPart_000_00DD_01C2A75B.6E7FE5F0"

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 5.50.4522.1200

X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200

X-Virus-Scanned: clamav-milter 1.4.3 at av01.ite.net

X-Virus-Status: Clean

X-Spam_score: 22.4

X-Spam_score_int: 224

X-Spam_bar: ++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: The Telnet Webmail DNS is being updated and all inactive

Telnet email accounts will be permanently deleted. Do you wish to continue

using the Telnet email services? If YES, then Re-validate your email account

immediately.

Content analysis details: (22.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[173.255.170.165 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

[202.88.64.59 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[202.88.64.59 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

[173.255.170.165 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[202.88.64.59 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[202.88.64.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[202.88.64.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[202.88.64.59 listed in dnsbl.ahbl.org]

0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NSL_RCVD_FROM_USER Received from User

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.2 MISSING_HEADERS Missing To: header

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only

0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority

0.6 FSL_NEW_HELO_USER Spam's using Helo and User

2.0 WINDOWS_7BITS Windows charset announced as 7 bit

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

0.7 STOCK_IMG_OUTLOOK Stock spam image part, with Outlook-like features

0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool

0.0 FROM_MISSP_USER From misspaced, from "User"

2.0 MIXED_HREF_CASE Has href in mixed case

1.0 ZMIde_OutlookExpress Outlook Express should not be used anymore

0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format

0.0 FROM_MISSPACED From: missing whitespace

2.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool

2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

Subject: {SPAM?} Are you still a Telnet Customer?

This is a multi-part message in MIME format.

------=_NextPart_000_00DD_01C2A75B.6E7FE5F0

Content-Type: text/html;

charset="Windows-1251"

Content-Transfer-Encoding: 7bit

The Telnet Webmail DNS is being updated and all inactive Telnet email accounts will be permanently deleted.

Do you wish to continue using the Telnet email services? If YES, then Re-validate your email account immediately.

- CLICK HERE TO REVALIDATE YOUR TELNET EMAIL ACCOUNT

Telnet Communications.

http://www.telnetcommunication

------=_NextPart_000_00DD_01C2A75B.6E7FE5F0

Content-Type: image/jpeg;

name="img1.jpg"

Content-Transfer-Encoding: base64

Content-ID: <00B2C1E9B417$007492BA$0100007f@hcivklfxriyngkm>

------=_NextPart_000_00DD_01C2A75B.6E7FE5F0--

Waves PHish from Google GMail

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 11:43:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5SFB-00000000Ewd-36lm

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 11:42:13 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 11:42:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f201.google.com ([209.85.222.201]:56346)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5Pkl-00000000Hb8-2O9Q

for doctor@nl2k.ab.ca;

Wed, 25 Mar 2026 09:02:49 -0600

Received: by mail-qk1-f201.google.com with SMTP id af79cd13be357-8cfbbf78ca8so9672485a.0

for ; Wed, 25 Mar 2026 08:01:47 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1774450901; x=1775055701; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=iQeDttwfwi06Rn32W/ZvehYRYD1IchcDi7cgwE+PAAA=;

b=dcfzYynOnQTq+e380qvoSwELZWD9Ttc3BIS7C0J68r4P0csZ4NV3iKgJW27zW+GZPQ

8GtNCOhBuLedPvP6wq+IJHA3e4NbILmp5XvtIXNasHf/NfoTSPobJ9hcFUhskOoeUPcu

1V7F0u5jaHGHzFaoH2+DjegAvMMShVrF7WP4j/GJcFQom3jBprLt2vvR3MuTpXWw5Ckx

ZQ57Juglyn58fswgHduRwqjlp1vWz1CNOPFgAafpWDo1sOsaHo4J4jCPwhD/ta/iRL7U

+ph+kyWDlN/A4lT4MkUXUzmwbrNQSp29EHiSIVdPChIodFiBw7wgBOafeia59ad36+Sv

VIAw==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=rolaxc-com.20230601.gappssmtp.com; s=20230601; t=1774450901; x=1775055701; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=iQeDttwfwi06Rn32W/ZvehYRYD1IchcDi7cgwE+PAAA=;

b=pVi6UDsHIh2EzUsLE72Am5dyXPXKjKzzV5+U/GI7+aY2g4Ah5s5IL1eAeqJgpWGt6P

5biyvbwRQa8Yy9Cxd736urIFANWXX+073I1WV680Z3+zh8KpwJg7o94hlOQkly+XofAI

+b19JtfORGyabZFdH3FUSnBsm1xGvErML8TIyoWuWradXhtAWJJSIVmFZhoUgbDKFYf0

A81yYdGymUJzRdZrsbcWMq4554X2oEkarJRcvEHbQubnIZGzutpFQUX6UjqjXDrwKDLu

UWTywBWss+6KOOeTJbvbgMWMqr/m/345GzjmQLbWhOlQJkzu++N7zI/WNTilymuhjQqK

rYNw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1774450901; x=1775055701;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=iQeDttwfwi06Rn32W/ZvehYRYD1IchcDi7cgwE+PAAA=;

b=PR9IVFETnrl8G+Ae60rS9nKSnaV6KLLNGPPFjzNsrFowk6Kuwb0V7BxWhB/Q61v/HU

pGq3SCfdWolBzso5E/gzPOi557iCbIpfzAWemQVt6sGUD56MVkLKmJYsuyA3jVjpNeYj

XkNC6K+rt9EBB0inRLs/VXHabNvdgfBIYBJe4rlonzRgFCa1KR4mv4V8OpGHeUL7kuWo

f0talRUl4IPJwcRZOK6aA4tRM6hxbhIEtqmoJ5LpnaX9GMXYQNovUumLRA2dmV3y+Klj

vqKHk+P8S6ljlWB7XO9OQWRIqJVEPzagvlMEVeP1cUt5hGGGNsRJc3LAelUvjVH+9wGI

mkBw==

X-Gm-Message-State: AOJu0YzzmrScJTX0tLcX9egra/dedtxCdIp/CDG2xie3v47k3oGvLXvW

hIKRkUuV7VrI0NgV5AzxCt2QyI0fcHIRG4WsKjfTg9Py0fR5//92q3ag2N16xNqFwV0+jzKav8q

XGSvDjX2hPd3m5DL8ovK/bAtriA99m9nzqT7RFqx/CCj/5Xv9zOA9xBuH

MIME-Version: 1.0

X-Received: by 2002:a05:620a:2956:b0:8c6:ff8f:58af with SMTP id

af79cd13be357-8d0010385acmr555896885a.51.1774450900524; Wed, 25 Mar 2026

08:01:40 -0700 (PDT)

Reply-To: Brendan Poston

Sender: Google Calendar

Message-ID:

Date: Wed, 25 Mar 2026 15:01:40 +0000

Subject: Invitation: New changes have been recorded for 9980741-961487042052 @

Thu Mar 26, 2026 12:01am (GMT-4) (doctor@nl2k.ab.ca)

From: Brendan Poston

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="00000000000098f027064dda8bed"

X-Spam_score: 11.9

X-Spam_score_int: 119

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: New changes have been recorded for 9980741-961487042052 Thursday

Mar 26, 2026 â‹… 12:01am Eastern Time - New York Wednesday, 25 March 2026

PayPal, Secure Financial Notice!

Content analysis details: (11.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

[209.85.222.201 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.201 listed in dnsbl.ahbl.org]

[209.85.222.201 listed in dnsbl.ahbl.org]

[209.85.222.201 listed in dnsbl.ahbl.org]

[209.85.222.201 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.201 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.201 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.201 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.201 listed in dnsbl.ahbl.org]

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.201 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.201 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

2.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: New changes have been recorded for 9980741-961487042052 @

Thu Mar 26, 2026 12:01am (GMT-4) (doctor@nl2k.ab.ca)

Brendan Poston has invited you to New changes have been recorded for 9980741-961487042052

Title: New changes have been recorded for 9980741-961487042052

When: Wednesday, March 25, 2026 at 22:01

Organizer:

Brendan Poston

Description: Wednesday, 25 March 2026

PayPal, Secure Financial Notice!

Hello,

We’re pleased to confirm that your purchase of Waves (WAVES) has been successfully completed on our platform.

The amount of $426.27 has been processed and securely recorded. It will be reflected in your account based on standard processing timelines.

Billing Snapshot:

Product Quantity Price

Waves (WAVES) | 0.146 | $426.27

E-Wallet Id: af09af16-26e4-471e-b02e-1312dcb744e6

Tax: $00

Total: $426.27

All transaction details are available for review through your account dashboard at any time.

If you require any assistance or have questions, please contact our support team.

Helpdesk Call: +1 (810) 297-3387

PayPal remains committed to delivering secure and reliable payment solutions.

Attendees:

doctor@nl2k.ab.ca

Wednesday, 25 March 2026

PayPal, Secure Financial Notice!

Hello,

We’re pleased to confirm that your purchase of Waves (WAVES) has been successfully completed on our platform.

The amount of $426.27 has been processed and securely recorded. It will be reflected in your account based on standard processing timelines.

Billing Snapshot:

Product Quantity Price

Waves (WAVES) | 0.146 | $426.27

E-Wallet Id: af09af16-26e4-471e-b02e-1312dcb744e6

Tax: $00

Total: $426.27

All transaction details are available for review through your account dashboard at any time.

If you require any assistance or have questions, please contact our support team.

Helpdesk Call: +1 (810) 297-3387

PayPal remains committed to delivering secure and reliable payment solutions.

When

Thursday Mar 26, 2026 ⋅ 12:01am (Eastern Time - New York)

Organizer

Brendan Poston

singhdevendra45583@rolaxc.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes

No

Maybe

More options

Invitation from Google Calendar

You are receiving this email because you are an attendee on the event.

Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

Web/SEO/App spam from Google Gmail

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 08:38:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5PMH-00000000AL9-0lJs

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 08:37:21 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 08:37:21 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ed1-f68.google.com ([209.85.208.68]:61700)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5OKJ-00000000ICt-4AIM

for doctor@nl2k.ab.ca;

Wed, 25 Mar 2026 07:31:25 -0600

Received: by mail-ed1-f68.google.com with SMTP id 4fb4d7f45d1cf-669462b0fecso3862723a12.3

for ; Wed, 25 Mar 2026 06:30:28 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1774445421; cv=none;

d=google.com; s=arc-20240605;

b=VdWCZ68r0v2zoyhbOTFkUxo466N1EiiSqLAOWYF/BVe3yNEXtQI6jXT6x4+fjawft1

x714Hs842RXPnIXZF9VwV2z5Bn0hNe56CYqk68KH4DutzEUGtEQ4vNvfi88/FkI5sGCg

Fk/s8DVnBr4ool7ohSoYZhdtzKg9N9A9HemvWwYhpyXtudO8katnS8lcy97vb5pSweM8

gyy77s3BOfZzEr6sS8vJtKAl2CwpJ6fHPN+Rznqfu2pq4IfQwnr9iRYaBjkZqGNjjKxz

9is9AI4awwKNTLXi0eq30ztS+HVZVk57kBlsAeMszaXVZuRbbhL9STUEPr147InKBIw/

YsbQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=CMQIhxSUJRGYO62GJA17oT7nZx3m8NsRYg1r0qrX8z4=;

fh=BCi2pvR97XrxLTrl2u7o5klQ1jQbqKzPoCrAVwQ7Jco=;

b=aCuz0PdxXmuucYEX5C1qQN8nm3UW2eloxpSB9JZO8cwzuuSssZnB6AHhmcdUCH83wm

ImEOLku+TuUCWYaWXi04DhhB7xaocMjUD0a6xJEUJXqzxMubmmZhFwxGIW/815zJNsem

/nbm6VLlW7GhZlQmMtlraEKai6W7sAOoj7Qu9KSmw766ZrH/JIAJNI9ufESfjTA+btxM

akAyhy3VHuVoEErCmWtb46VWRY1k7uHEluktmDTgeWNgQ5KzSmrpI2SHML6EdSOiJXb8

pU0WDRuzs2ACEFLXOXlaZDudRx5W5xSwOMmneDWPKaThfqqCtIwACuhGlPr/RX3c4eBo

yzLw==;

darn=nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1774445421; x=1775050221; darn=nl2k.ab.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=CMQIhxSUJRGYO62GJA17oT7nZx3m8NsRYg1r0qrX8z4=;

b=ISbVVuxUwH+nRINS+L3B9qa3O2JQRp3EARUonPLG3Mxy1UqQ6sOF7fsuLZFUmWS0zf

3dwp3XTUTGxF2G+GJVqlaXcY1aJ61D3Z9YVAAYm9IfXNkXZ34pq6NjfA6TfRPCFCEilB

Rgbb9AkLY2L5TeH04L3Au+I84qjPZRdpUljCsJX2etPXOC+lnC1majMGWHKSqXZ621rJ

ad4OGescVHeEOzWmjZHiwyDp/GreQyUO0n4jTBvToDxtGCgqdfB1bhXznJPTlOQp1K+U

H+zomKvQY2LfZlp7e83/gLzpCwhiXGdCitWfawKuusSWPzEoXuQfFx5mh6djfP1tQJ7O

a3Pg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1774445421; x=1775050221;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=CMQIhxSUJRGYO62GJA17oT7nZx3m8NsRYg1r0qrX8z4=;

b=iiHLHegc5DJ4TbAI/B82hvxOmPpTu7kNHCyQxBlfcdk1P+2CF+byJ0sjFIOwvfMWjT

WpKuMpeodDWcXEhaCpyrAqzJoumShDRpH66jnOZ76cOgkc9jr29xRBeXRDj2YIsQXhuR

tghn0EVE1Z8TAzJ5a3snMuOEl6LjLTKHYStYE1s5jUl7xT8zNqvVTXwhF+b3JIzj+265

3AcWqlajtu9lbtAhQye0L9wi8uLbDDjmP7fXNzPZtPYxjEInY3YsAyLJshnh8wNhlMWc

l/q7tLd3uQichFCNVK3uktm6Nunn/7z72hX/imFs/R0m18iwzQdrlgqKNnXrsSLsy2Xd

MeLA==

X-Gm-Message-State: AOJu0YzmaFjPQD760oYuAmt98sjm6067BRkhbFdIS7sYh8nbHLpvEyW6

hQIeHyp3C5gEftim5f41AQJ2swq2SwqQBQedBJKPOgcOeeNOBioannZxvQ3IErvljJxajoaAq1k

pw3BuXPZjjxubPo1wGK4yGnbYHBzmYa5B4XdfrvQ=

X-Gm-Gg: ATEYQzzyjv7t0ShHwgN6Lm9iCzv57qiEv2dMbOAFFsZFvTsyUSZHAK6i7cCyE2BSngn

I55m3zu6MBzJdfabsSl5v62lT7DtIQgR6oYibjBeKM0veRd5zoCghIFWthVQLJK2SVgFGOlzUzk

T5qQKY6EeMPki4L1TS7UgRxD39hRp77tsGOxHaCxwQkuhpLy+o/P8HTxDp8X+w4eBSVX9w3CDIz

qVn2GYHSD8oLc8YlguK/VX+AW92SDtRXFvFItHNu6ZS3JUaBIeD+wqWr3CxPWq7kS7mSygLQvnW

UuvnMrjO

X-Received: by 2002:a05:6402:1455:b0:667:f3dd:6051 with SMTP id

4fb4d7f45d1cf-66a826fe092mr2324857a12.23.1774445420577; Wed, 25 Mar 2026

06:30:20 -0700 (PDT)

MIME-Version: 1.0

References:

In-Reply-To:

From: Radhani Akrla

Date: Wed, 25 Mar 2026 19:00:07 +0530

X-Gm-Features: AQROBzDpr1VBQ0Y_M_B-FImlLI4-QtNqWeR5Mu83O6atxpW9YEFNU_3iCONfRdE

Message-ID:

Subject: Re: Website Error # doctor@nl2k.ab.ca

To: doctor@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="000000000000f79b5a064dd944de"

--000000000000f79b5a064dd944de

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

Still waiting on your response. Can I share a photo of the error? Just

reply "OK"

Thanks! Regards

On Thu, Aug 29, 2024 at 11:10=E2=80=AFPM wrote:

> Hi,

>

> I discovered numerous issues on your website on behalf of your email that

> could affect online presence, Google ranking & over site Report.

>

> Would that be okay if I share a report with plan detailing these issues??

> I can provide you with a list of errors as well as solutions to resolve

> them.

>

> We can help your website to gain #1st spot on Google by fixing these

> issues.

>

> May I Send Your Website Report, website & Plans? If interested.

>

> Regards,

--000000000000f79b5a064dd944de

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

=3D"gmail_signature" data-smartmail=3D"gmail_signature">

Hi=

,

Still waiting on your response. Can I share a photo of the error? =

Just reply "OK"

Thanks! Regards

>

s=3D"gmail_attr">On Thu, Aug 29, 2024 at 11:10=E2=80=AFPM <
ilto:radhaniakrla@gmail.com">radhaniakrla@gmail.com> wrote:

>

-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,

I discovered =

numerous issues on your website on behalf of your email that could affect o=

nline presence, Google ranking & over site Report.

Would that be=

okay if I share a report with plan detailing these issues?? I can provide =

you with a list of errors as well as solutions to resolve them.

We c=

an help your website to gain #1st spot on Google by fixing these issues.
>
May I Send Your Website Report, website & Plans? If interested.
>
Regards,

--000000000000f79b5a064dd944de--

Web/SEO/App spam from Google Gmail

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 08:38:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5PM7-00000000AKh-0GBQ

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 08:37:11 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 08:37:10 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f66.google.com ([209.85.218.66]:50658)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5OKJ-00000000ICs-31AW

for doctor@nk.ca;

Wed, 25 Mar 2026 07:31:25 -0600

Received: by mail-ej1-f66.google.com with SMTP id a640c23a62f3a-b982518b73fso428533866b.1

for ; Wed, 25 Mar 2026 06:30:27 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1774445420; cv=none;

d=google.com; s=arc-20240605;

b=MHW538kBjxjdKc82kuNHrWPTt/hJg24ogd/ysq8zVWg2jTJlOfiiv41Sw5g4ZiWxSe

MO9sJ+8zE7JQCcsCB/5DMjEj90yJB6ur5SdE4kr7jebMjTdF7W7tdsV8R44scqus3MGL

wPK9m7xsNPbxc27U4+6ZE4B2JjXI6Q6BSBuFZ4fW0oixF0lMYCgML5HHlyNk7cIikUhj

1fVH8188f9eq2TO14JsI3qs+q/3c56TMI8G0Jx4o9eJC/JuKgFiI00BiL2j/e/mWuJPE

UVTeYDBHS27+S/Z45wujKrTreptD80zs66fGhd2qbTFaGK+Qrj22mOZ54qr7p4dPupzu

x+Nw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=0AJKfHc+O5gZwAsKEbvQW8rAOvP6JXf3i3ACr8Kq43M=;

fh=+rOZ3XrwhJAQZHHJJHdJRvghVtPwCCHldNFf6+ZvEjw=;

b=ADQBF3kalyItf1fakBESHsGZ5vv9soV7i/RAAOfCeR8g+ab8ULFaGzVoNq98HFHOp1

7tpuzMYcfyu9dn3c3rNR2nl2SCe7ZCE++LdVu1w/P6c6M/HD0/IzE6QG1ulgYyr2hllS

ijKPPAogZsFFFcWa0RV9BYC9oclpspbuSr/pJNgFdDpU6TSV8BU3Q+/Bn5K0KbxFMWVA

4QtnNGotBlbAnGyCTcVPVPGUAwKT3SzZl0QeKVjh+cOLUhLkKZMd+Y9dp7kUwFYMmq6f

KKzJ0j9/kP0rodUwQ4FKVoXilCKzjEuJdLKYmcH1mmUhd0l2MLvQN/6yggKd8U1r0q8S

5gpg==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1774445420; x=1775050220; darn=nk.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=0AJKfHc+O5gZwAsKEbvQW8rAOvP6JXf3i3ACr8Kq43M=;

b=CrXa/SsUbYPZv0XJo9z8atCTO7nOT9pYfTUMezq91J3W8rrUePf5T1mxuotojBqXAL

UqkdpN5+cIBW3hYprEpcFUsQNbY4d1HnW/1OFq15NM/jZ8ppRZSVJlqHjfY53nzm5rMQ

3DGSmrMQREobBMsB5JjQFzcGnw6l2+19auCjuL027GMjnc9LPAE+G1lImN/+6MQPCR+D

NHfhabaPwxWOmQiJK9WVIrcNM0mhTB7vQIj1JQSilCvtV+dICdcp7FQC6ONcl2GmGicr

uVFWuqMHocAcjF01P/10dZJaSVl+9kPsxhA50hbo1b6RF03I8I5+4PkOTpb9PSSdRozv

wjoQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1774445420; x=1775050220;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=0AJKfHc+O5gZwAsKEbvQW8rAOvP6JXf3i3ACr8Kq43M=;

b=jZtf6bImXydBNZPauSMDwDr02PlwafWLG9rHg7EK7eUphLIu67MhlSDrOFRt8gU7rl

KELWCqN2zR2O2mYvFWh+TT2+SrcRxbLqOm3MvceS2SBXGeAyk0DJWGNv/tYrGQt+UYGX

kWD1jfsg8VBEJoIifBeIq+6cUAPoTTrs0OGko3I1aFQEwIHIjkhvW96/r3ECccOkaPx6

2+PcFBGZxtqo/uZZ9PRo7nxXUMQ5L8MAnm/am3rhU3nNUt/bo1rJjLo9zEdQg6fTgLrZ

Vv1SEHMZh/e9xaaXIbGKK9fFOkjtab6yWjLnfnbsiCMQah2wWTOLOtyoDkdqCCjkCrUO

RGjg==

X-Gm-Message-State: AOJu0Yx/jtmPQRENmS6yrT4RRxVWqwiI9Qqfbq5QA80z+x1xLHcyEZFA

FOL3yE9fB99g5hfBJrvvy4oatpt+qfYjudvaw7VbBWWBtf95o7FTo8LOqHpk5BSfLXLsPxexTeK

cbhhe7II0KDwDhZf8Cu8IQ/PrOVQxOtyUliz/wBs=

X-Gm-Gg: ATEYQzzCMwNJBYHv4kcKGSTUYBShGCObR2jFQrKYG75fYdwv04iIM2/jX4AtO0tzYCC

0wBuhVibpXHEtyVtsjh5WO6zTtuRovddmodI0h6/+2fNrUvqbZuNWLITbm+V5ti+Vd+bzb3/rH7

C8ZFsFhLJoCSqKIBhAZEdn+82NJoILgA5qadF4mzo4/cwVmBkLKDkp1CSXpGxx185N6yfzmelfH

uU5EmDe1290OC5Fzd21ZEZUBezyPQ7JWydEQMagm1x0t1gzhu/vT5gKx5JDwG9qBpZYtqlwKyEh

zecms0CS

X-Received: by 2002:a17:907:c08:b0:b98:6984:661c with SMTP id

a640c23a62f3a-b9a3f14900fmr254892566b.10.1774445420100; Wed, 25 Mar 2026

06:30:20 -0700 (PDT)

MIME-Version: 1.0

References:

In-Reply-To:

From: Radhani Akrla

Date: Wed, 25 Mar 2026 19:00:06 +0530

X-Gm-Features: AQROBzCDxUbI86lh2kfvzVayZ67N4WK2KCZC0irmt0ewL7DH2542_xAK-qF_xUI

Message-ID:

Subject: Re: Website Error # doctor@nk.ca

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="000000000000f03e0d064dd944c6"

X-Spam_score: 5.0

X-Spam_score_int: 50

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi, Still waiting on your response. Can I share a photo of

the error? Just reply "OK" Thanks! Regards

Content analysis details: (5.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.66 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[radhaniakrla(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.218.66 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} Re: Website Error # doctor@nk.ca

--000000000000f03e0d064dd944c6

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

Still waiting on your response. Can I share a photo of the error? Just

reply "OK"

Thanks! Regards

On Thu, Aug 29, 2024 at 11:10=E2=80=AFPM wrote:

> Hi,

>

> I discovered numerous issues on your website on behalf of your email that

> could affect online presence, Google ranking & over site Report.

>

> Would that be okay if I share a report with plan detailing these issues??

> I can provide you with a list of errors as well as solutions to resolve

> them.

>

> We can help your website to gain #1st spot on Google by fixing these

> issues.

>

> May I Send Your Website Report, website & Plans? If interested.

>

> Regards,

--000000000000f03e0d064dd944c6

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

=3D"gmail_signature" data-smartmail=3D"gmail_signature">

Hi=

,

Still waiting on your response. Can I share a photo of the error? =

Just reply "OK"

Thanks! Regards

>

s=3D"gmail_attr">On Thu, Aug 29, 2024 at 11:10=E2=80=AFPM <
ilto:radhaniakrla@gmail.com">radhaniakrla@gmail.com> wrote:

>

-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,

I discovered =

numerous issues on your website on behalf of your email that could affect o=

nline presence, Google ranking & over site Report.

Would that be=

okay if I share a report with plan detailing these issues?? I can provide =

you with a list of errors as well as solutions to resolve them.

We c=

an help your website to gain #1st spot on Google by fixing these issues.
>
May I Send Your Website Report, website & Plans? If interested.
>
Regards,

--000000000000f03e0d064dd944c6--

Dutch language Rabobank phish Part 3

Posted by Dave Yadallee on Wednesday, March 25. 2026

" height=3D"24">

ld" fill=3D"white" text-anchor=3D"middle" x=3D"12" y=3D"16">Rabo

"Courier New", monospace; font-size: 11px;'>

Dossier: CRM Mut=

atierapport

Beheerder: F. Cl=

erqs

Datum: 25.03.202=

6

Status: In behan=

deling

Details:

weight: 600;">Device: Samsung Galaxy S25, Android 14

weight: 600;">Reg.: 24.03.2026 11:28

weight: 600;">ISP: Orange Telekom

weight: 600;">IP: 91.76.42.180

weight: 600;">Locatie: Frankrijk, Paris, FR

weight: 600;">IMEI: 3400-8730-7750-09

olor: rgb(153, 153, 153); font-size: 9px; font-style: italic;">

CRM v4.2 | Export: onbekend

=20=20=20=20

Details van het toestel:=

Datum en tijd: 25‑03‑2026 11:2=

8

Device: Samsung Galaxy S25

Ip Adres: 91.76.42.180 (Frankrijk, Parijs,=

FR)

Browser: Safari

Imei: 3400-8730-7750-09

=20=20=20=20

Uit veiligheidsoverwegin=

gen hebben wij uw rekening per direct onder een verhoogde controle gesteld.=

Er is ter bescherming van uw gegevens en diensten een monitoring van 24 uu=

r ingeschakeld.

font-weight: bold" class=3D"warning">Indien de recent geregistreerde =

telefoon niet door u is aangemeld of indien u deze activiteit niet herkent,=

verzoeken wij
font-weight: bold;

font-size: 18px" class=3D"deadline">gelijk contact met ons op =

te nemen.

=20=20=20=20

rgin-top: 10px;" class=3D"cta-container">

margin-bottom: 40px; text-align: left; margin-top: 10px;" align=3D"right" c=

lass=3D"cta-container">

            &nb=

sp;            =

            &nb=

sp;            =

: 16px; line-height: 1.6">

Bel ons op=20

: none;" href=3D"tel:+31203693078">

+31 20 - 369 307 8

(24/7 bereikbaar)

ht: bold; text-decoration: none; margin-top: 12px; display: inline-block; b=

ackground-color: rgb(44, 54, 150);" href=3D"tel:+31203693078">

Nu bellen

=20=20

xt-align: center; margin-bottom: 40px; text-align: left; margin-top: 10px;"=

class=3D"cta-container">

=20=20=20=20

Met vriendelijke groet=

,

Fraude Preventie Specialist – Rabo Nederland
r>

Medewerker: Martijn de Ruiter

=20=20=20=20

width: 58px; height: 60px; display: inline-block;" alt=3D"ING Symbool"=20

src=3D"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMwAAAD3CAMAAABmQUuuAA=

ACGVBMVEX////zZxcsNpacPzkrNZMrNZIpMosoMYj5r0f5rEQmL4P4pkH7w1T4pD/5qUL7wFElM=

JTyWwDzYQD6uUwcKZIXJZH5skj7xlUmMZT4oT34aRQaJ5H6u04RIZAlLn/4nTv3kjSVPDsGG44A=

FI32jTBNVKPd3uyeQSrS0+WXmsT29vr2ii6MOi2nqs7/qCGcPDWWPiu0ttTq6/PU1ufFx96AhLl=

zeLP/+fL81caYe5DATiS3SyVpbq9CSp/+7dv3poWsRidYXqc5QpuRlcKusNH948j816//rDD5uq=

GvSDP3n3reXiH/01z2lWuQOyyHi737v3l/YX5rVoX6s1qNaXT7xonmnET+8ub2iRr70cH0cCn8z=

qf4nCr36++hUEz7wUPmsav1hVL0eTzUoaP1fCbBPAD2lm3fRgDSX

CYABor93bzSkldjUodHQ=

47Gi16kd26yf2jbl1KZcHSpemxhUIL/tC3/y4S9hWH8umpRSIl/X3FtVHb/0prZkUL+oghuS2Pg=

pWY9LnPevqUAE3poYJD4nlH/hQ9UPXRkPW2OUGBpLlrVYkDpcA7eeV3ehnLgm5Omb3nrzM7nvbu=

WS1ruj0itOjDEa2bHhor90IrSrLO9a0j6uYnngG75rWrpg0WRVVnRj3zclXWkV0m3j4qUKxHpjU=

6hj6TAcFO7rLrRZiC6U0rQg390FQvUf2W7KQCoMTD8zHLUW0OvQBYgBzb4AAAf9UlEQVR4nO2ci=

18TZ9bHJwHCTTAzTHCcGIEgCAGCcjEIEi4SBkhRrMg1qQG0pFjw0rr1grtv17WtL4WY2LXteim2=

dndb292tf+F7nsvMPJMLaI1C9uV8PlXIZGae73PO+Z3zPDOV49

6CeXz 9C963 caO3Y MtubC OerR5 IGmzE feHDn MVTS4=

qS+d7 pdy85 JLNkd dxUird6LK9tSrFkxma7qPRv9WBe0xbcl0QCY+5VR=

rZ6NK9pI8qH1DNmsThvq0fzmqYUq44xi4XKVo/mNU0pdKgwViXTPZOneUa6nvE5c03RouxKxqvZ=

GWVRlebL7vGtHs1rWr/yrqpmSv5WD+Z1zeu+QpJGelc5s9WDeW1zj0lWrGWjGZ8ykDTu4lNWDOP=

2bfVYXt+8xYoNwZz6L/AMErReFGc5yumtHkka7IySjevMpf8CBeDyx2ykai4p+f2Zvdz0XFOwAK=

CyeWrM7c4/k7Gl0zfiVq7YtFbTsTi6pLgzUwj6FXfxJ4vaGiA7O1uy2hbHMpHGc9o9dkoUJYYFm=

bW3OAObtHzlosNqNsexZOdAL5Bxa4ER5SOHOQlLTo5jzJ1hojb

uLrQlZ8kWM 26fZlm5KCZ nyTYvZlqc5 SnXpeQsKM4 ya2njYbZl4 =

llyxE8yK2m 8ypgtFQvom Tuj9p29ymV 7UhYJ/pI+z qy1jU+5YE/ =

GIp6ywt+9m SVnZ1QxM7JYT11dhB/tY9e2eoCvYgpZkcXni21MuQiusV7JpI5mQVlC+S/Fs=

Ug33b4xG/xiyaSF2mm8XSYtmo06Zr+gcH+4CRpgX8occR53Y2HO/kQ0sGRL4BDvLQfSs8yRgGmc=

/tYbF0RDfZFOIUku/VCyWGxjGfNQEPcy2bYLl20sC6r8cHDhssNiyZw9wWXlls2cbe6FLoBlAS3=

DiqzcBNfYxzLj0ZPPXZwDOiZezC+2sSw5EvHGQsBqsUinlOmtHujLWL7yrhXCSyzqV3KyWZaPaU=

t27ZIVZU0muKZfWXKgtf6NfI/7ullnyZFG3eQbviURZU0mNGjF

igUVS9vYssf9rqS z5Fgv0mWM95bdAj QZUDgXlEsidozb4 3GfsuosOozHDQpg=

EZe2f5ydVnKg7pu thSMw6BvWHAZGDT Pu2hUkAaPbvgvwu rFjHGgx6XG=

PsjD6 MsZbBEljWdz2STO iLEKe2C6ibcs4GI td28govYH0TFnY0 qFuah=

73EhRK2xX3Mv6FDTPIkk/Uzt9XBBIg3lre0rFuasvQyGSLpzAL9JunrAyLRbquCVjpDQkUYJvLm=

XLBlm297iajBBiJYYHAuqzmvK9IzLVe3N7rzQU3dJiWIpoa4+6bEstikW4oamSdviFJN0q3bKAv=

Y/ngGPGW+vBSh7Gopr3ZACtOy3V3qutsB+t3L5ptn2jblRqMxqLHGVd6UxK3daFRPhLFUUUboYf=

mTHa2CiNe0mrLwmW7fWwbF5prt2zWD9nNSvcogslevK7SWK/ot

UVZFJe2rzZfK8qRcgJsI YQ2DdXKy1bVM7DA1I4vX 7SPblc58+SP5UjiJcNcj =

9yy5VikD8dEDeai3sKMj 9kWt6sCFI9JUraj0PCZz 92bDXX/E80zeg8Apoi2o =

u25gd6v9ErZ5sW4V0pAE Sz2wlFJUzN2eanYxQvbs zsbgQqTY4vP6OVCMXvx6 =

oeamuUyz8wWLojWS9tTA UaWRLS1F/cptJriqatan ZFuMhtM125apCt/eLujfEk7A7=

ku3kqoGyNjzo+KHVr+X2KEO/86tDfbU876FdHsSNylHHd/vHTZrsIYNsuUzy2Wm9vztS2P+4JtM=

clz12sXLiypypxrZR8zl34MYbY9YaBhLvpjkh1Xr7v4kqbMtkJmBTNyQbRf3p4CABE1nbRoXFOu=

6GXmAuMJLyqa27g5S2Y+9w1JC7NLTM54P6r8JLPeBwBzv0vLTG

6udIVp+pfHrmSaYwDmusqSm32 T7alH/rhdMyaledz7VZZcWFuy vsigh7TUPO5slQX=

iLFMeMaUwj 9uuseQatDkDbbzIprHkipe3Z/ /ysjY+ZtdYcq2ZJ8YGA5hcHeb =

K9n+MsZF5b4k6jOVmJr1nkmje CwxM7v7Mq5OsGWHsYxnxjDmV+ ZZYGOuljJYz3ydW=

mi/4z+sZrQ ALHxEY6eJ++LPAfnl7bsi8nPV fkUiALV2y5hYU5Eq3tude2UtZ =

/w0SX+KFMwimoMB+azvv/W9s/ TcJjP0Wd1FCMLnWDHvfnLEFFWaEW7iNYAosf8rYWuMdJT=

ljgZXYDQumcfzPVg/qdxutM5+Civ2Zuua7jNWAZQd2zBcI4CZxTUHGrZdV8xWg+mK5gX5uI66xL=

231oH6veT61oPryORbkU1YsaH/K2Dj7HMfW7SD62fMpds3tP2/

1oH6vXScw/8S/BAtQ5cz9eIvH9LvtQ 1z4rcfJb025DFrGmMfb1jY5PT0wfR0 PP/cv=

vnGcNohmf0HBVg/v5czjXZh+f OfAhGqffU5gPufB5Nn3ByLi/v37rSe 3epybmcc3/=

bgcARw4UH4ArA7ZhAojm MBkQRB+tgDN7ZOurR5uavP4Hu4NBAL lmsXD3MQwyIQvCo=

Am93br5Lbc3fBOn z73ZaAMG0MDJHqY3RVklcaPXLN/v+V /51e62rZ67EbzLheBS85=

Dutch language Rabobank phish Part 4

Posted by Dave Yadallee on Wednesday, March 25. 2026

wkQmdZmLiy y/94dW19UgoRATAcm91ZX5+nheASbi LXLO/4N3ojMALQ9uGxzNdGCgC=

21sW8 AWfAEpg4kvTaiQUDbpACnwgZ9NEmm+H2kDNXNFYZHV+nrhGjGBnCbzctR3izTsSKC=

osLEQwe/cGzkxPfDkTiQWREDy8E6dm+wWkZqbhrkkvIF0H11ju

61nEz0xuMYrvtFIMhmGK9gYmflqLujgQNCx nB1Q5IwKQ+wUZOYgZz08NnYJSc32W19NI5k=

0DW4iykKfk5+djGMAp/ykS5can7zB6ZoCxv KeNGyG9V7D/doxzhVZ4Qf9Q2CocX6m=

Sl5dH YIqL6n5FJGWBACtnGgzOfz/DYpLfKyj4XOC H27hgBCrp1uKMX1NK8zAM0BSd=

iwS5hdMBKs 0sDKbpQTCfCgaYT/fnDoKq8QKkfsyv4/BTb 13alpVSMApzLuLilgOBv=

XvLksJMDBxBKXOf iTJZhqr5qSAjg9Rv46J+XjvIz7zVnShfKTH kmryJNRd3JrC36K=

uZ8kAgGcxn43+BnJFWGB g/9JkF9wc72sMdjRWDAj/r5UI8o2xvMdaWr 5aAYZjS4id=

Brh/UGcTsWjT29El5YtI84bAAsOkf/vTTLyoaGxsr7o/ey6oIy

zLyxprqHOSst+Qcz77TkcivT74qyivNKy2PcN48p RhXmr2BftdkNDRTF9BoEMzEgA+t+48=

ZMkbwt//1/ t27R4++15iVlUW9EQXnyKb58789mPtaeCuZ4ysp2 ffNss87Hg2tlZ6L=

ctMK0WZUNQOPvU+nuWDo/XMTe px9FhwAGGtDl6Cj8P5IaGB1rvo5Qsmq6EBe42c9r =

hnT199Gg22TXcPy2wi1/rP79pEYO/3NaQixawqSM 7UHgI4mVnfGwwVja5gHeeZH7m8S1JS=

WNl4lCUeik 8P+EMfNCKbBCkTjJ6nSxq3NDE/x0L0BOD/0plmWg QXTIJwVlwepGQtT=

FhgJDk08hIh3xVbPoTZgYtL7X S4sXqo5MmB/JNr2Po9Q2tCQ5XZE0ziFMwq8EWFV7 =

U2z7FZhSkpWOE8+LTTFancGNGXjsTqMQ3g+Cz5Ei 5fbTV

wXj0i8XeCaGBwdop7CNCACiTTCG6UBlt27VZifwC95Wg+ gwQDOtGt4guBA/jzi6vYjmBou=

+ijqGYAg8iOU8Sk1heQO TDNoojRrwluhwSwqzIEgV1rKwBRqMGWBx1wIWs2H5CxvH =

Vrx59ZCXA1DNqAA47hJveSb5MEsbH4sA20ok948zfTZXT pMcYgbKdUbGgNMWaB8PPik/MA=

Efq78EKUMdMgctC7CPEZ RQ0w1AkNCjfe4mIPC6pthmTy7a9cuAgM0v3ILit7QMApA =

WoCJBe7pRPnEAcD5UcIr5NvcsMBH8BaGZ9bQppnkcAWha QcaYRbcxtCsvwmWaMkeHWZfOQ=

oyBqbYCBMITDzmYmj9f2 DyC7JALuAmV4PkSkh7ZbYhkLOob1CkQdrMMAf5b9PP4hp =

DLFqcRbjlJDCobgYm6mZ/fBqKRSH7I/DXKSt2TO5f7nX7

hamZoYHJWCw293w17IdqQpdmcodGg5zBBanQYZsPph3m6 Z49e3SY8qDnaonaamKY4=

iJYlNU9QRSG3bC+25il4Ob3MNTGDr8 JI8wODyCoubUV/IHsr6A0WUTRkAbI4Y7BwW7oRQf=

TzRItZWFKn oJjdJhiJYAwovFT6BkfP05ZvmhEfSVqLRsHO8JAwKNYQ0yh0Nx a2DTY=

2EhgGsFXMgfdgn+QAlY0/pBmmCfvEBiSNPlRjvQApaX5Z XXDAzHysMLr8y1MTz98+PjxnT=

K8rfm322R7rODzi0dZuwE2evf +gwdrePNppqtr/e59TJtV0S0jeTbJ/sYK1V3P0htoIeQY=

DWb3V 5wXVgGlhV8NhRBHNDTQNTQ8/OOPP371VV3dObwjE4D/yitzSfL v/76i4rujS=

ezvzejqwWA0+u3de6Oj9+6+hyRNGOKgK5Vlfxbha fwurT

A/IceAnd1dkl+0e18X1w8sdx4vg/UjW1jw+Xxer3d83OP hXEE0 OiAcWP9L7m3r7du=

3//6Pn+rqTOuh5w/uakww9Hv3vrv73 TpMw/ DMzMzP7xFDkiagOEPbhf727kHw1rNo=

GllCY+/sKRkbu/wUbe0FS87Gu Gu01ywlWlaEdjQ1Kyvbe+cx7eCf/qMFZv/ORF2dMBybh1=

RfOXq00Wig ckipVQnIajTxQY6fcUWjc18/+O38PDQLV9II075nTyQIIjXuW1j+Ztf =

uEpwyJUY5i+sBVrGmeSF10N+PIfpApIIPeBh17J9qtquCnNUd1ionsv lJbkpAKt42DkWh+=

pGQxqyJQpQtf/OfPWfBkJwVuzxXN4aZWMMnPpw4U P5ZG4FBaQ2X8gsyP+n6uT2rwshTkTW=

o/9b4tWtYkPFuIW+aHRoW2tNX OSNjNGWoAhRy43GeiWto

JiLoNF85NDSzIZcKg33les7LfBf3SADpNfI w1vjd0e+620HByfaNbPK nTwJW9hlhT=

nNeDSZZdzaBenzP44nyA7Mhco WHdefkWY5sUkTDAj/MAZ Mp3JgCB8FA3iN3dbRjpF=

/S9VzKc35PPMx4I oy2pNlbh7RnYSJQjlAW8 ELg4YRJ6OL4YfLw//k8dJNzkD6yVhm=

TwagBWNHYHU6bnkXPUxa1B8ijMMmT5 kkQuyWAUKbLJ+5gGKiEkx4e7/ehK4Z52fMtWtKg2=

rgxDCE6lK6kCYXjYEpc3 NVUMIEnLvRvMako5eVYzQYEkFvU2as4z+d5b3Rexv1/Ik7jvTi=

YrEPpamkiP 8XBnPVw+1IoQGAYWB5PnFNRAMZHYEwc2WuSCU70PD9JaRKDrXGU7KfpduJim=

mDWDTBAc9bHnUmqAIWBpyBiAbT3PK0+2MDLzQFBGOZm6S

qF4LgezA8E/XQJY DJKdSMUViPeiXTJ2a/xMPuW0VZgogIUI5aRifUgoAS0Tc 3HBGa=

A09ePBCc2P 9TkVwFlRqob7x8dfWMw4Xfi4mwfx+UnwhQHIlDyfyUo+o bzAQzDt7Wx=

637A8 XKu34ZdYX2f09ROsweiLC5lsg69l06YdwxJ4+WmExUgEO IegpQtxz0L+Axak=

gGex3ljxBnn5laCK/rH4J4O5J6Ko0fjJSFtnlnX6ozmmT 9wweJ4mEDMMxxDXtF2NY=

gJk2hnaZYbNsIgZRv2BFdZGpI9oGX3Gt8czOm4pEGuGYi Ts0AsGsIocY+cULUEmCFONiWY=

wHd55ow04J6fEx3TWJ8uNQudvxUPs/s/HHfZkDSB KOcBFGaHhsDA6GYRzOQ4nwhDnmS4fj=

PQzAe59XjHNNanq85EzxuqJtCU/VTSzwXLd Ji88ijXX1T

E7NESmANodDyCCU7GR5mKAzq3yhzjQ9w4/6+/xkXZL+nqAILn23fpNH v27P016Dl7 =

1ctFA2qclZZFF4qVwkIjTFlZHRmel2ub57pSwKBHspOP9OezsHiYmuF i//43C1P/S =

9oWNOF2Pc72FP0a5Xy79u0r8XCxAIW58/C0krA+Kys7R+d+gGub1Upm EgNhW1FZHq =

GnNgIIHYvTWP9Luli49XC7ClO4GuW8u9CDjRKgiQZKjH0zC1OuBdL7X FsXlzRlEpw =

EfnlfIELHxf6qBtuJtOU/RPz5drw8eycPUMb/oz3XAJq6khTrM9UtyKa4tsm2l4CR52FRN =

0y+KPBDHu7bFy9Qm9NYX5/GPdrz7eCad0p+BMX65uxuffccivhqcbIN573l7CB5T1twIGX =

KUPP7Tf4oxzzPAN3muLl/QVN9Io0pg3oAlDUxhMJuOJdc7Qfhr

kM0Bpgi1i0Ipq0tsWTGe 6Wi8f7f//nPKfZr+N2T50K4vj6dG2dRcM2uPd8snzVsOEOduTr=

i4YKrgVJ2SVMYh4IVIFn JNAL/e/QoFP6DJsMXBdPAjHyo/pd07ptxK+3tPxm6s93a=

Y9oFY H0SKKUwxcUJKDCkYc6zc coI85Fq8k5ARTda8zNH5I76+vp0snAxcA2VZ23Dm=

dIop2FhH3s SwDT55YkoJrQTPrkBjMz PP4clnbocq8gabKf7Msj89fVpq5jUwDXtpE=

OLhyktVUagL46t1 hUX1aWKIU/qkinPn0fP0 wZ4ZoFWgXYxBgc7OtrbIWHS7BiSNZA=

2SWFK85QRL3q0NM+nGDL fNpM8Z8ApqzGO83ShM8EL3Vnx+wGAkt6MQbaGaJIkDWnPiiZm0=

RuW0bV55j1F3YSkwizw87+FQH Pb3tcmAXjaB7OY3cET9e

mVMmrhdkrDwGCefJzyMn2hN/o8nARoKt4jsjA//wiRoDcD4pYAsj+sA iGWtO3/MYYDrZ1Z=

BQBPa ZGe8Ct+gTfhF66DsbUweXs5aWQJ4JH51QiKnfGBWV5YCSd+Rzb5wx2N hCXtQ=

YYshGlI3pTk7S2v O2di3gyZw8tigReGB9Abyq5oaI2+kS3QF/4ETDF/fjVCHrS1dU0hF/J=

B7kEybDjlIGJJ9zNAajh t2r86N2VK0Fn5a26cBgsM2TQ8QN4WC0Zjocjao9XfwB6t=

PY+ojz3HJ7 tmeRpd8gzH/ZZUOBBL2p bLCfYrpknSy8sPOI4t3fjN5eGuybb49/k84=

20DQ7O8IQahpAbbE64pT 6EYq0/XpkxKmoQYl3/mu NmEySWPV4TZmeGhoa6uofeHZ0=

w8zyfJJWgo1d1A/ZK4vqS9wiShaZ8y3FpeCW7QR+JswbmTsj3j

JzmyU 6tbNyI58Qb9gmwd03SwzpGhc+/asPWSV6LPN2yaYWE9x3wBtTBvNF9UI5rGOEc2xT=

bsvMCENfUF kpTf8 HAarkzcUv9L+laXKY3UG3COijPHeTdZRW4OI09xVKBluZ1ky7M=

3pMlG8/yNxRG+5jybLSKFp5vB 4Lfk0 FvccvgQCbFDb6RWJrEIpUE4wsDABvsudKSR=

TWFAoCeHBYRy4sSJ+hPPLr69/7cuuKLjbKBS2kAH ONem+ xmCigL2LPbWUJARHegAW=

/GbNvXM5jCyPAUrSoryFt1CzINEuoNYeGpjnE1hZFP4ICU58ez7t5Ut rAWhg nZ0aD=

wb+AdtaKSEAZ+EuwHi0CGMcmIrUCjOC5WmuyPsT+WglDCo1W8/iECQnTj0rP7tJksczvr5 =

F5p7u glQIhF6QhMPI+M1S/chCoJsawLMYKFu3T3AQ4im0

ApGHzn/voFCNk3B2uvgIdaePfsh/S+W/g4L RjrieBBSezjsB6qpKRN+lwcAwPz+cLijm2A=

cPKjiHHz27KMtd4 puwdDg+RcvWBhqBzc0ArKtSIgFY+vdLxBQd 1JLCgMg389ti+hK=

YsFo5B8dLxDSZjDPEMdHse0Kohks/Nf/Mfi CGgv0DNuLZwe//2gu4SXobW2uYDQaC839sL=

6+fgnZ+voPP8zFYtFgRlHs2I7t2I7t2I7t2I7t2I7t2I7t2I7t 2I7t2I7t2I7t2I7=

9f7SmBmyvdlIttup03L+ moa+vr6El6aHjtZo1tLzMGxKHK+12u63ylQbg+kAE+6D5lU5KY=

UeccH9n0n+N+6RT1MzuqKxKSmyw46LZbLb2 vNIAmh1wjtmZlrdJOiW4lO1wskM9Vj=

NrkrNnszviM8TjrzSAwz Z08ZxXOieV4Us5k0askQXNee8

mF0OOSTEzK e0k9uaxVzonhVU70f0rk025qxITOMBsIqERWze8WBO+mOPVwr8 HhYZY=

+0rnpLAW7JmkM16Dg1ms AWs5LkqYprJpo4vV/J7wt/8Ob6aw2tRO7kO3kSinqxfT2DeUXX=

yG2fpKAyDeTB7nr 2pHrCmd3Io5j9DfWvCsWzeMs1 brq4c/ua4jLWLWm1rMqnAwa64=

gMBvKLjnj1cSsQWT8/3rmcqR2MglmrbgQPdtw2it /R/gTbx7Z/IubWzMRs2SHaDBr =

GS8mhFlTM2hDtSv+jGrOVd1c05xUKppqWg4frmFjSvW/q9p4McNdkl8MH2L8gCuW5 uSaZm=

Q15EwSzDbjSDUBaGrosT uRajsdPaoraFrVdjrRkUrz8bihHT4mOh02m83hZJoJmoo9+Byn=

85hB16trqxzkLrZ jNfSzY9jgh9qcSnJ/9chxNslb

0UHHBzQtGrCYVRmwzU5yYtORSrukdwY09hpINRLVI3abehtkfaLDmnAKrXNmq3qOt VLvrJ=

p7nNq1zNYPqEp9YAUzcz WiOgJrJZ3hY4yYHceTZFdvg3VODysizWYy6kpjc+Bo0M8=

wWKU2z64eh+GISKeM1DnDxdRbnqyUDAc+wFODI0Tqaalkj5BYw 7cnSV7rNLCQpk0L=

q1YsB44+/IuEDlltTggNMtG9+hnoV9FGZ1SSVJZe6jU4xcpOQK2onWOnc1FJvf8BPgFCz0mASQA=

RV6LL 2Zx2ekTE3nThI1jMGiqNLCSYaWviOmIQ5honjKq1pcnlqukl98cf08ly9jQc=

bqgit7ERetqzWq0N1U3NR+gh1ptib+3hviN OwkVDu8Fmtosn4S5Nh+365y0OlR6lK=

gl+coT0H2goh4ms6ixkBsTaPlhsHSGzaTWrGX3sg1b6I8mTSv0

Ms5PowXFmAFyDYS 6wGpsdLXr0Ok6qk4SvRrUrR00GgkyuRboM6HldzJFe7Qj6sSWe=

RQ1mEVY7Ig2MKk2dmrRaQmBwB0Nmya YOgAwTN2okADTRJ MKIiys5olWvk4a2=

u0XLuCN6a0G+YrbSsWAFI5hqx1KTwKIFMzXJISZty/AsSz3MGeoRfBsSwuSIU9M24 meUAr=

RpV8sI7W0TeohOv bXoIXOkajtTc2nFqiYshjJ8zCBNUk8Nl9TIFU5qZ+gDIY5y1KiD11We=

nIQnmtQ57Qj1WcK6l+msbWzAG hYQNC/ERBYuh3hTpDGWa iVj1W+Dz9DbHx2GtBlMm=

9OpwWD36RNAllAJMExnTZdM2l1E7abkiDmxUdGC+cjx1mMOfNxuaDGr+072d JpFumjDmkc=

Gord5FKZZi zK9H7BrYYa9qWMy2YSsuaG1p1MS7eQuWGWS

9iX4pi1MIZN6DA0i3WbAwXyczIa+TmgwO0EV9JKGF6rNc b087iDwFY7pWsRMFI4Ns =

xaKzF1JcXMdtznhJnqj0atdVdImli4g9Pup X3ayc0+7F/IL1glyCvKK2YbuIFlFm43eSju=

D6eWpMnE0z JmsJmmOQoXWOa2NJBKKg 6jFic8Hv9jYmokTXo9DsoDoRD+SiiU6abTY=

mFhlJE+NIBoN1bjLkJy9rbWHW3q06E/YmMCH0BVc8SsDG nZNKpbNeFcsbqTuWZ1VJ=

xsOt+ApI2qKtcPep57AiFknFbOWkyTeKvV+usfQm R1jFh1mfFIVqQGdupjEb0xoKkvkV48=

lMiDszj5j0KgNEe QC1dcm/VIk6W3Ga1XpPZeestUO3ZPYsM+0GWBKY5+NvT+pky3aGfr8k=

2hGta UmbgHYpEsW8aYmPboy48BWo6laD0byDX1bRQ9L+i

WXNkZ 9y6nJOJs1uhzguVBHRq+ga6Y+ZFKnJC4R5rheQqsMzSxNM2cz9YWdfkzylxE =

z0UiPx0U7FvI5yRrVFXGbRiRR9ZQ1J94m7gzSZuG oq9ZO Zq5FLqFXCX1oSEPwxbQ4=

Oannb9wiiwoG+tGwzWTccyLtnDo1NIZQCuICqEUZ afM6tdtowuQykwYSs5GwUtWMuAy3cH=

T1qs5gp9ap 4DjRz sAfk2CMW2TV6piG/oNGDP1W/KaRpgDEAepmGpEcXTPVMG/qxb8=

5+3Rks4047 SQVWjyx+GJkMjhXFUnMHnVmVM/Q0GrQePUukWEj/ YeasiIbDPGbRsfV=

JrKJ1VmySiEKRiXK1lrT3HLEScSUTgZpY6XeGperpYqUtkp8H7rOtla 1NIOgkiTDzLQW4j=

Rrok7GZzjYQdLOHOccmVdtZ9j gJ4eBU0sOl7YAOVZb22o

lbRvTAKKRORw22s51an4l9Q/tMBBkZy3jMkTgID0TlC8MQPPK0 Vpbe4QWZiK6TjaW6UYZZ=

ot7MEJyiwwgYc+U9io16 sqHdKDkPljzyBk2vcUxO 5iGotewnpAqaTUiQcO056JEb0=

nW8PguEpkmPM4Wti8xsMU9GGH kF3oJCYzZTnNVog/wur2vUn0kUNlShQaCpBSfYbW =

2dFIHWW02dvnj6nHq2yz OXlXxK6H1cja00o0LSaxs1Tq7k+qeiSiSmMNVo9YGo7BqHj/sw=

KPC30dHRC3JyXjJqqevt6qqqlNvDSElsOH0bmq1O dF+VWsTVy1VOp29iL+hE =

05oQfqCjjl7+jijHe6sJFtm4hEt4puqenp64JItVXAVp7Ozlt3qqznmdMKFrLUumCgw7OfW3s7O=

zl5dzMy9vb05+MgRdK0q fQKPoeF2vtSDkqbqanrj

pqb4Tcim5upUm5ktLSm2Jl3Vyc7Rr9S04ZOUje3/AK6mgOhyNFRmAAAAAElFTkSuQmCC">

=20=20=20=20

font-size: 12px; color: #777;

text-align: center;

border-top: 1px solid #ddd;

padding-top: 15px;

line-height: 1.5" class=3D"footer">

;">© 2026 Rabo Bank N.V. – Croeselaan 18, 3521 CB =

Utrecht, Nederland

=20=20

Dutch language Rabobank phish Part 2

Posted by Dave Yadallee on Wednesday, March 25. 2026

.checkmark {

margin-left: 10px;

vertical-align: middle;

display: none;

user-select: none;

}

.warning {

color: #d32f2f;

font-weight: bold;

}

.deadline {

color: #d32f2f;

font-weight: bold;

font-size: 18px;

}

;

margin: 0; padding: 0;

background-color: #f6f8fa; color: #333">

margin: 0 auto;

padding: 30px;

background-color: #fff;

border-radius: 8px;

box-shadow: 0 2px 15px rgba(0,0,0,0.1)" class=3D"container">

>

er-color: rgb(0, 0, 0); width: 207px;" width=3D"180" height=3D"74" class=3D=

"logo" alt=3D"ING Logo" src=3D"data:image/png;base64,iVBORw0KGgoAAAANSUhEUg=

AAAYEAAACDCAMAAABcOFepAAAB7FBMVEX///8AAJwAAJkAAJb/ZgAAAJ1eXrgAAJMAAKD/ZAD5+=

f1EQ6yHh8f/aAD/XwDNzeiRPzFKSrHz8/v19fwaGqQAAIrs7Pd2dsDLy+f///2pqdehodNubr2a=

mtDk5PN9fcK6ut+Tk8ze3vIxMaiurtr/VwDV1ey0tNzCwuOCgsVTUrMrK6YAAH6Ojsu+vuD/fwA=

kJKVnZ7z///Y9PapbW7cAAHb/dAAbG6L/hwD/t0j/mij/pja0TCY5Oa3+pDP/wFaNPjL/zGP/++=

j/9tr/57qKY2tnSn3aqGTDl28xIYugdnA+LIuyinjyz5m4j3B8Xnz/4Kt/XG/2zo1DMorBk2H/6=

qVIOIdeRYHNtJuIbIW/m4QjEITy06TCppfVsYX24bopC3RkRmmWe4PduYVYOmbmzrH06tmTgZNt=

Y

5WrnrDc193EtrVW=

Upiin71aUJk7SaL/4cn/xJX/pF5aIGjznWL0gC/znHL4glOrRkL+xa35jSj2q3j/oFpeJGa8goJ=

bP4i3SDj0p4f5uXOFNVKNREV+VV27RQ7oXyTnfVT5smf4ya/+u0jmqZD/u5Tu1tH4qGfOZELhVA=

CmYFiiLgD9zH7+kV3wxbvtj275bSqFLiG1hYZvISRkNEPtbj3KSwBRHDZOIz29Zk2XMA5xOD3Wd=

nrrAAASJUlEQVR4nO1c/V8bR3qXdrWsVqAFhCRAgACBeMfmLbwTMLHTO8eJz04aX2InTnwt1/rS=

O5EzUGz3zqQOGAL2kRqML7HdNv9oZ3bmeXZGWhkJifoHz/fzcYiW2Wdnn+88rzPC51NQUFBQUFB=

QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU

FBQUO BYfO9 Nz+At x/kL7 //DyJ uexNu Mxl8F jV+ff=

9OzeJ sxctE wPlAM vEE0X jKMC4tvehZvNT782PjoTc/hLcel4OU=

34oW65yoddMRLkdIFUrrKNS8PJOdqHcylTkH4ex9+YBjvf/SbIm9L9FaJaEk0FK3HXo3BCBV7p4=

gmnUnRS+LxGLSd4kOuXtMMv99vXCmyKPBrWdC1jvbi5lep+R2MFvfkLNRzKUMlSTkGg/whwfKLf=

u9CkAimCrxa3I26PwdESG8xIvhbac3FPTkLc0yM1leSlGNQ4T+1h5z/2HAI0PRfFXVfyoMBAn2o=

rmARSS5CSxQ7aREhoL8o8otFP39IVflFXzUNh4Ar2sXGYu5r0w1PCjStYKfeAAw0FD9tF8Cj3lm=

KlGNQx81V7y6/7E+CE9QAzH/8NFZULK7SJMW7dBRuqE3wWiVFt

zPAwGmmQl2 n95Dz17Rbf k3XL4/81iz KDY1pku41l xC90CXdzO+ =

JlpQKtUA0O c1UqBsYKGm qXhj5JPjZ5 4QA/ZJv8dr 1YoqCIH/vY =

V+IIJIaLN4 IIIRWnmTmi GEu5VRToVZOs1F2yb8x9RtfEAL0z32+i+aXhd8YBx/eAl=

eSUaQgUpCIOiCxtehpi+jnyjnVVKhPg/VWbnxkfNT4OWXgwojvZuxi4TeiY+zBSz2QHenVBYkoT=

yoUAdoHS5FyHLTTesh58+KijzBgmjQM37pceDaUAAYE79sPDBSWMLTpRRGWB5AVn0aWgkCLbyu3=

5EvXFn2MAfMTn+/mV4V3SHuhRhRC0zDkNoUt6nYI3iWFUIyRp9GwAUDebJb5IY1fxmgn4kv9fcI=

ASYQav84UfO8oV1+tcK21OAYq+PCJ4madBWgX+AsLPidDE9BcZ

rk3zVvOj4ELhIHf EQYu/7bge8H71gv XoEGjtxUkooNHt9 rjhzKE6jzq7b7/j=

65QfVkWSy5uxm46 Py9dMc0BEgfee+e LQm/FQlRc7qAMuW xJJXr7hgzD=

0DqGW 8RfYAht9/UMDo8O RaMdzU1J78fVnRn si/p1Tdeizd1ySg 7tgmF=

fT/twJZHSP 9zi6Ssi5Pdz0aARjNb2dosGk0ymKNijG6pqo2Suc/Wd4hBu8W4DK9QR5QiWU=

qON3GD78+e/Ns3rhIyRf/rnQm/t8YqiE6BTd/JdrYap8WqNlt5RN15CNuUf1XQ2hPxe7/PgoGdM=

15kMwxklJiRxcEKjfqd/zB4zmq2WUGJU509xBujNaE4NMZoL6mYF+f+EocNcdV0wb3excHEdkBx=

pZYkMI9dYLtT4u4JPTIBjFAtRUKnWgVdGTbl3QWIZvle3Z2tPM

7ODSPVQthAtGs95qF+Tp UgdtNCgpmfL8APVPCUj/ jQyZ4pD9H6wtiS/jqk3R =

EF/eQjwLX5qxmJFVGM+t 6Egel+IrDoUac2mltu9M 6GBVpVNDgxokZ7Umq07Y =

gmamz51erdo/eIK7gl6d dJh6rw7pVXF/dksQf3VA 2/GWQN369JYIhY/iMVin =

xd1C0RRoRDFgkzjBj7kr WLNJ79GLgVCXylUK4wSu n9oZq15pTTBkE7TcwAUE =

FXg41lNLzS4MMNtB+tmH8fgo1EmAnyLXxEGiqiHiWK4MgSXnMJpg7Os5+at01WsAT8GvNaQQAob=

A4i6D6rEyzRYuIN00K/AkCNF+AjRKAkr1nkIyoAV3owLmsr1j1b2u0O4OULrifE+DASUywJ8vqW=

B2Mex60tF3AEv5RaibThrXJ4h9tqVLdXxSCQOrWhwphhCCSf9v

YlE6xC6CrfT34x2ZQx2xeOpXh zDdwtD2Izy6xP1iURVP45wN1M G6TVdq29LxusiXU=

AqZMFgi3Sj yt9J7TcFrSbIfYbEjzwzJcPLR gBl4Pf/Evu0iIOL0FDQGuIUyU =

QlqkqIzcRH68MYqqCK5gw0uKr iCm9HGdAs7YZdIH2ML2i398R5 dKVwq0hkk+SjSZq=

udUJYRer5U 4Iuh33cf2JOMeZ8DIldyCqUXz 4CfCO/jv3r7YGBPxR+R7vrHPg =

mPX4U59WhuX07XwIYYG4eNaVh 5tiMZsI0EcKHuC1JqI34Cs9mx CcQ6ZYlbWazUESA=

VBbD6lwOMaihk2UMdAmp0CAMD5aRAJ/vm4F/I/+uFX5DRZ74p8snf7rEWUL7wGQXUZUYMd0FzUl=

CXQoZF2iD+xDcZhNqBJyMm9eKG5gR2cVUIwPRHBG84gcPS1KhF

j7aCJZvP6hxaWnpjwN/XGz80zuFV3f QBZVALKHlNfdA344nFLV+6aODOUl3I fAP0q=

YbcM98DIZRYY3jNe+te3QxjKD OXJPxxWFu7H0wb3YN1ygPAY2Z5W/Pj oct68+xP6f=

t8MD1hgJDATQUZAIqm16 7hcfDm8YOB4F6pQIX7cK5CCWbvIcGt DDmoF0gtqdasuJo=

FrCZynht9RiNmx9 nnI+wITuG4a88BGS2J++cPbuySvDX2 PsHz9b+feCd8Np6IVsEW=

IiKBAwfMyu YPVMWeByprdErrV54ca4HDkh+HAbAY UtDOkGK94YWeEOeMkA6K3a3cf=

ODOUw gHVoR/mgZCGhcnp6evHvv3r37Z8fHx /8j9sCyj1YH/rJmp9OrxxtCpxt4hfx=

bb8o3PhJPxsHfcu+MjSXxZQZFBkL4EEkWpi70A7YLxOZAZ14bC

JGJRIDYCWaxMFg0NHA7bPMjwh9iwKGE/sKP ROXFjXffnb6//N3k5FmC8fG/xvYDgcCD69b=

axjPbTm8cZwfoGPvG+jrcGsfMoSDeVlXRQU shEwdx48eQJg5HG6D+FziSFYmZYT/9=

hNts4 hBIukTXVN3UXEnnQQC8sswnDpFdnHutdISg Otvi9YqSDjgRjHz37cy7y99NT=

9+7c5eawP1 vvgoHLOs/H37/y+bK7tr+1qNjqjOwXJY9dF V4BDOCUNMc9iOF6bPMHu=

KydGQUNxhooTcof kCkQGOOi2mXJsKBlgQlWXWzX6qWxd/i7pc4 ddlhJnJ8rmaKcad=

4LE1NzW/vTE0TP/Tt3s7 6SuDeO71H4bW13fWj2YV9e2PjKJzeea0EqB FhbwUWtLTZ=

0uT3bJrxOmmU3yGdk8ANBrrG+ oAyKfHGYOj0Piq8jjBAL

sRL62Rfbm/Pj3UgNnmFLAJqNu5WvVpPeilHXZd+m Jqa2Zl5d3raCQV3lpZ2B+r31p4t7dl=

WeHZh0954Z Fvpw9dIiGcvMjdo4koK9bn61zTXEqDMhDeRHBe6M xocJIePwMraib0d=

Ih2AORjiBPluaR5u/4lPtVVq+ TBgyOqR5FEn5jamTn4wYGl+fn5qeXuGUkDiwOT6y =

t7lgT8drI+s2rZlBWoWZu11EhTSj/OLwBlioQMHF twUfJRdMUiU6KioaupskUfADWIf1Fc=

HTUxqJxEvu 3JLBqeug9Oc8hEG9Il0WSMBmm7U1rcnurHXFxHla RWCgKxzICCgqqsn=

MYZL6eRnt+YpAzdnZqZnntzb2 ckQtA8MfP2wZvZvjx6tvSB+aGFzZWO/5kFN/uQ+k =

bPi8dgUOORW0N9Qgr0G1kGMtTY532PAk7zUqWDxK /kp4I

U9CNsFohPHwEmXdRLpqO9iLwSbK/1sdI45+ 9xwxE 5T4oasY3XV0CLPn/kdg535+e3=

tq1dntpeX73335MmT+3d 2v/ngwou//PjZ5StXLnyxcfDw4cP9na2/zf7X3/PKwMLJ =

3Y2E7Ii3HPAQD0YsXFdMWRgtRbkgxKlWMRWSDkl1S0HS8 zQnSqHWho1P5IjXE9wbonpFpw=

IxiqVCDfJiwVP7cpJcOL afXn06f2N+iseByRVfZnxpJ505tHdnaxae18zO1tQ8/+J =

o5WD1ZV4jAEMWTg70yG8CDXXXtlEvLJeGEDonysUuRFyQ KKWJuILZgsRDS+IQXKTVbubk1=

gu4WcBCR4O8MBxAIcKtD 0ps+KoVXzzGCQ+aPZ46Nz//w00Six0KJlcb76/uNe6k1z =

O+R6tHL2sWFhZqamqukP/Obt7OIyPkHtpFRHgfmbl5jLN

uucXXFRg/39SXcv0eyfPjJ7HX5H5txFHHWA7Rrn9z/BTX luDJcKm0OR9bcs3Z3fxg=

tSOkVpA34zdGTpaRHs6fOzf/w /ltQgEpyib3Mnf2VsKZzIuD9FHm8NlRgHJAGCAsL=

DzP161Oeuk GNFMpvKYmJPtwD1MW1FW6KKIDeHOUA+5c6q9BT5YzZ3gMwQMbd JHzPo=

KwwqGC4Fbh9R20rHMgkHrjeoN75CStUKxTBuaf3mBGsLd z7y6pifcyq0eWlX6xs3tkhfeJ=

M/qMMFCTlwH8yoTQ/Md81PGOP PERwlu1bPyoXuFgBGTm3Llhq1poFzRAssRUGvEgCct1Z1=

XnJvu VsFSYN4TTRuLBa/kLCeiTcLFUe3iuwnE4RRn4YYkyML2+TALB5 Nnxg8yGRRJ=

QK722u2YFwvbfH76WAZyhmMf0imuLrxIhiOKv25y PckB1

gHtmEBRhH1lHB1EH2vPLMVLQH/ogZ8MAMyH8PW6Q8fzfq 5HdLI W5lOy2fJ6b5EXg8=

V3CwPbydoaYwJMpGoonx62jzIYdoLD sg/2A /Wz92Y/Pa2p+yhcHhr2ssBve5Yw7Qj=

hiBqrjxt8qrVTn/ pwtSo zdwFIEe5N89SU0WarYQJiQtIfxCHMw5lNS8FHcwpFPU2L=

e7Db/wN7FK q5wHJ07d+PD+amnGRoHaCwetwJ25sAKMFgWIcC2D3Z/fP5zPhFQxEgt =

Hcz3B0XlgX7RdfJUyD3h0E9fLFTtVtBoWbCADX744kwUFV6fJdUfpC4 71OBKYT48YjrL1U=

B3mMJ5MJl4EEgoDOtgibObcEPWbYiW9v23jcmr52 hNNp/ZowScDRDd2zsvOAOW/eKzCy/D=

Ycs62Px9HglZyRpcFTe3sXnTT xdrKIVHHiDiCSd/9Lm+2

qBQ7budfrQ1bah+sF44BDHE3bp7lMWv98tS uNPG7Zx2uhYi3fhcXs7j QSBBl2g4bA=

gseCFvxkAgbVwUisb0jMPA1Mz TzPKKbTsBYDVsOcvffnS 4vkUiMakKZl/lKwdwhvL=

xQnDbtFpHp+PXJ+ Y6oq5muGXHpTNU0hkpQW hcGCI21/CclNgxk1qfuGuM++q61jHX=

L543Y n7M67uEbXKghQpOyHghH p0wH91J05JgaubuuH2wvr6xRvRu03/21rPd9Y0jO=

xAO7G/OLrzKe3ICPH5WK lAhmibmNVng79GQ79dyg8dzmDaR7aZyWpdujhvKuRuGMCHZTV4=

K+YsluK8v5 s3c+E765cGN9Ph42LKt9M6abR2t7q3vOljfOAjbgUPHHYW3Xt3Kez/27eWvT=

FRJLrVePgM7Clkf81ycIK1WVrHekXUOtierr2z4NXMYl2

sDSJEH6VGhWO2SJ Gg6FhSOej0XM7gdvvnh5XF6SwoElALieyx7d9Wmjp92RN eO2M+=

AdXRIs6IHr yGAzJD/QRT5cjf88REW41oE10MiZxtjRGcM1DtjzTaSu6 Cv1/Ro7pfi=

U3NZG qwVtNtu8uf1uD6ITEs+r5F0JWiUG3aYVWM5QgrmLHY+hv g1luImTP5RTL3b+=

EXzpC3qnXTaslb30jz/ESJxgHgma/Pn/C6IYHisgmIs6y 8spPoq2HXugyPtE =

6aua7rpr6cru4l+V02vZDlHvTOQ5uDxVr9JD+/r0Vbvnb 8ztbqz0UbHVLZLmzXtdCJjNOM=

NDQYdKabRnBscz4zp7BFzlOH4nEnGBdlKaOBz7hM cah28B1sPCfa2FRViWIzDmJP2R30ja=

/v7+3bAg4GwtfnLq+/zVQJFoq6ruroalZZM edtsigxKve

acS111U1XvYGfD60/qJ4mUrnxfJaOP6IJHRFLJMuy0l4zHj/ZfvqTb8 2GHAVIKB8L =

h8P7mwn+/+r6I04sKJeDx7ubLzc3Nly+39ve39re2Nmdrfnn16udbZV r/CoXg8eHu =

/zz4X4Lnz5//9NMv39/6g1L/G0AodPvx49u3I2X/oyEKCgoKCgoKCgo KCgoKCgoKC =

goKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoK CqeJ/wOS6i =

P41qjf1QAAAABJRU5ErkJggg=3D=3D">

Ongeaut=

oriseerde toestelregistratie

Op 25 maart=

2026 hebben wij een nieuwe toestelregistratie waargenomen op uw r=

ekening. Indien u dit zelf heeft gedaan, kunt u deze melding negeren.

=20=20=20=20

border: 1px solid rgb(224, 224, 224); border-image: none; box-shadow: 0px 1=

px 3px rgba(0,0,0,0.05); background-color: rgb(255, 255, 255);">

: "Helvetica Neue", sans-serif; font-size: 14px; font-weight: 600; display:=

flex; align-items: center; gap: 6px;'>

Mutatierapport — CRM

Dutch language Rabobank phish Part 1

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 06:18:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5NB3-000000005X1-2G7k

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 06:17:37 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 06:17:37 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [187.33.144.67] (port=63979 helo=cloud.lgobsplatform.es)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5KRE-00000000DTK-1ZIg

for doctor@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 03:22:17 -0600

From: Rabobank

To: doctor@doctor.nl2k.ab.ca

Subject: Wij hebben opnieuw een ongeautoriseerde toestelregistratie waargenomen

Date: 25 Mar 2026 10:21:21 +0100

Message-ID: <20260325102121.1A7D1603426D0A83@rabobank.nl>

MIME-Version: 1.0

Content-Type: text/html

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 10.0

X-Spam_score_int: 100

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Ongeautoriseerde toestelregistratie Ongeautoriseerde toestelregistratie

Content analysis details: (10.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

[187.33.144.67 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[187.33.144.67 listed in dnsbl.ahbl.org]

[187.33.144.67 listed in dnsbl.ahbl.org]

[187.33.144.67 listed in dnsbl.ahbl.org]

[187.33.144.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[187.33.144.67 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[187.33.144.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[187.33.144.67 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[187.33.144.67 listed in dnsbl.ahbl.org]

1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[187.33.144.67 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[187.33.144.67 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.4 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[187.33.144.67 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[187.33.144.67 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 URI_TRUNCATED BODY: Message contained a URI which was truncated

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

3.0 HTML_ENTITY_ASCII Obfuscated ASCII

Subject: {SPAM?} Wij hebben opnieuw een ongeautoriseerde toestelregistratie waargenomen

1.0">

Ongeautoriseerde toestelregistratie

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi,

I'm reaching out to see if there are things you=92d like to change or updat=

e on your site, or if you=92d like to build a new site completely. I'm an e=

xcellent web developer capable of just about anything you can come up with =

and my rates are affordable for nearly

everyone.

Let me know if you are interested then I will share our past work details, =

references and company information etc.

Thanks,

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

--_000_SL2P216MB1803E974F2B00C89DF998364C749ASL2P216MB1803KORP_--

Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Wednesday, March 25. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 25 Mar 2026 06:18:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5NAj-000000005WW-2MkG

for dave@doctor.nl2k.ab.ca;

Wed, 25 Mar 2026 06:17:17 -0600

Resent-From: The Doctor

Resent-Date: Wed, 25 Mar 2026 06:17:17 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19011032.outbound.protection.outlook.com ([52.103.74.32]:34202 helo=SLXP216CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w5Irx-0000000044i-2sC0

for root@nk.ca;

Wed, 25 Mar 2026 01:41:48 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=fJ7DPZ4SuODB5oZzhnnDckfX4lyp2EGcY/92njY5pvW3JJHhx9B9aXeYdzovdtnl0dECY4QUcByHW8Z4KhvFl8NV/2SMfPTugcqF3HNeyqEXsVnxhHYVZZCDAUlIlwjT+aqxQ6jex6wIzDqJK1OA7MywHKS7z5x/y7TRkIZPCHcXp2eqsiCCqx8Cf5Pqcnb7A51fhFcY+hdMt5CGVwm2LplCD8EWwGUouGvg3kTAa1IPWoCGG55SPxwVFzw+8+E03IUtm3kUNRzZitguoQWy2QjT1WuVVyBjzCW5g9sNGW32NQqraG+/ZE1Fa5oqR6vtRRPlQTTuT4ugWsRSF78mCw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Q7shg8XM+0/3FXb5IOKdlfOLV8apVL8cNqJYfjd1UYg=;

b=EaIgpV2RhouF4F3V1C2AHRyIWlJp0idx2N5Zgfc2S+KGG44vn0DBdn96JendGtDoL5KK20hgVRnRoRTZVNC7w5RxCbl3SQ1BtGCVMLfMiFlduire5MP6OR0ZRAzzopkAcXTwVWp7DW0CR1ySvBVz1J5cLMheMQQG8s+HQou7lAbbCoeV+CHaCBH7Y2v1QkHWOrBpvUFWi4u6W4OlePlRPaNhNwzYjX5AV/c6oVsx1mOFgNCSPqu4twCUFkF+d3fhd7ki9muehUixvuEkYJAaggcKSK04SfTHZKLO5ZNHmcvJqLRrpKmT3AqLzz1IyhpgKm4inb4eHeEjbDxqtcp4Og==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Q7shg8XM+0/3FXb5IOKdlfOLV8apVL8cNqJYfjd1UYg=;

b=Fow9hsqVfEyRm8+8i3LkjWm8iq6r9PBTOANlm1vu/kuwZC/HInNO2VGHXfeW+7Du9Y4siIxdxmnzjIgNXUMtWo/Ewod8wgMtndBb3LDkY0KKJOI9KsvZdOO22qEl+12YaXq9XO14Pu2TROEojtHHqLewwE+D+lSOAwufjYlveVXhHWGuyUhZQtzc8d0x6F1vwj3Ikh4jQAnmTjfOc29SYS69nVgY0pWM4no/7/fCnDFeoPcEXuZ4nEwMqUKmqahjpbp4rZSrWLrVF6bzUizILliHnqsGRvZdpxKh3Kc2hgvJKuyKjsm9nOqnNDHI0sHmjmJRnylkTQ+FogNpUy2xjA==

Received: from SL2P216MB1803.KORP216.PROD.OUTLOOK.COM (2603:1096:101:100::11)

by PU4P216MB1323.KORP216.PROD.OUTLOOK.COM (2603:1096:301:a9::9) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9745.20; Wed, 25 Mar

2026 07:38:57 +0000

Received: from SL2P216MB1803.KORP216.PROD.OUTLOOK.COM

([fe80::a7ea:4e10:a166:d4ee]) by SL2P216MB1803.KORP216.PROD.OUTLOOK.COM

([fe80::a7ea:4e10:a166:d4ee%3]) with mapi id 15.20.9723.022; Wed, 25 Mar 2026

07:38:57 +0000

From: Hazel ust

Subject: Web page

Thread-Topic: Web page

Thread-Index: AQHcvCotNt1Gk9vwZkSwNKFmHGycMQ==

Date: Wed, 25 Mar 2026 07:38:57 +0000

Message-ID:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SL2P216MB1803:EE_|PU4P216MB1323:EE_

x-ms-office365-filtering-correlation-id: b2ebe08e-f602-42c9-02d7-08de8a4192ee

x-microsoft-antispam:

BCL:0;ARA:14566002|15030799006|24071999003|15080799012|8062599012|8060799015|461199028|31061999003|37011999003|24121999003|22091999003|7071999006|39105399006|19110799012|20031999003|440099028|3412199025|26104999006|102099032|44111999012|56001999003|35041999009|43065399003|40105399003|31055399003;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?FP2jIy1JwhP1TkEr8LQR/0p8Tv2JbQNGrIhQrNSlkHyQ9/jTz8WhZcIi?=

=?Windows-1252?Q?G2lQwDYka5VtRoUX6cWhpM+9fOaf/HCkQPWecEW0RcJ3Ci8R0pHtAnX9?=

=?Windows-1252?Q?Vf31qjskuunuQ4YjIKGXD7R1f8+5KADtDOgF1kWbXqsamL/C52nFiELU?=

=?Windows-1252?Q?TTekK44sT8VRVstuZhffLDc1ofuYkHXc5tOzWeVpSFFxDcEhdMogOUpL?=

=?Windows-1252?Q?Jov7lNbRhxi0OvcakrA18usOaIiOSh3DwJmzbIzH45cCo3xRhrHOJ7+m?=

=?Windows-1252?Q?YYDUIMlPc4stKO2l9uarpmYqfs2VwwOJXN5Y9J+8NOnm35PC9ihfoo80?=

=?Windows-1252?Q?pSaQvjMXMsY21GAm5fmI0wMTTPpoU3Ul/HhP6jWHxNyyxBoyiGh/rJZC?=

=?Windows-1252?Q?ek26H54i7qabAXCJaTfu8FCNMRYCsAJ/pkyn2hHzA6ZBirfF8TPBuPgH?=

=?Windows-1252?Q?FaZcmPAc/OZ4RzdMA74xv5T2wVLAKGmkxK9eBHRNXhfnCc/4XlUMRAJX?=

=?Windows-1252?Q?yeiThoT0PrikvGbM+Zs+L+UzFtDUwrdijl0k6AGedC8BHMUXZEWHG9k5?=

=?Windows-1252?Q?TILHMMFxug2WF5znU3HdZu18sQE5RNe1vpWCNm/DFgmYl9DKnQKuIAMH?=

=?Windows-1252?Q?Q+vIQhFVLwZwJqrgU+yrANP6bnSAulXQs4F9RYhXKYbmecSKJXrzR3A7?=

=?Windows-1252?Q?lAz+RKJTJWxYLxZiDXWTDAkgujNDTEvP39kNCbQ9L3QMf/2DqpvZKFjj?=

=?Windows-1252?Q?hWOhYfR1dX6tOy59C3fG7wJazfrxPiHKE7YkGbt6avopHyu7gt5sNoNl?=

=?Windows-1252?Q?+zMiZSpeg+d85ASomCcb7rQ1kxe1Hj7+PS7JyYJj92cQR3nX1nqMCogV?=

=?Windows-1252?Q?7kGF6+P7SYvRnO8FBBkaOXtqMSD7S/dFxw7brrCA8sRY5PV2cVGYPT2N?=

=?Windows-1252?Q?47pBwoWtMF38/D7A5oiMM9i5QLjQ0ZG6jCkN4hUg0PJ6U23zWwkkTdes?=

=?Windows-1252?Q?q19l3xm5CxLW6UrVpSVUUKtDmzlAXvvArIQDJ0bkJdCjnNYmrKGlhcrE?=

=?Windows-1252?Q?fmlfvZKSb2sBRSr3NYo8M1h3c+ipx6U4ixYSL1LK7yfadWXJu7B2/ur6?=

=?Windows-1252?Q?cwgfDQx7SwmgEnu2GPovnP8KUNiiZJDdfl5TCor3yR3rP4OKYgN/0dTW?=

=?Windows-1252?Q?6TGXPWtU2k3eoW9f564qj4f9zIa48dLo0+/FTjEbZX3HYT5XVbuAtpqJ?=

=?Windows-1252?Q?UIT4WQ4WALNZZfVEWBRQ1ao4bZxrFD0WCg13kkT4smg9+OPpPxBp8wdm?=

=?Windows-1252?Q?q5d0t6A5w5ZjX8iym/4xUjJVtmkc2nDoJ30ge6cZAwazXfzpECNBYqrH?=

=?Windows-1252?Q?8CtnDGZdAVoVn2xP7LA306E0lSjVpqekL/jOapns+0hMDtCIYGLwk39x?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?KpMD7iXNf5zbJEhtmA0EvgqUnE76rixTRyCaKTDklzxjCiP4ejtXqDsl?=

=?Windows-1252?Q?jMofdIpL6CUaT4m0VNqAm/63IcJRq+xzOQJUGv+MYSptgrjnGioVu8Xz?=

=?Windows-1252?Q?vyfDJVUzwzETgobaB/8hKseisQi3HDoTZRptvETOeS+d4V60Hsu6nFVd?=

=?Windows-1252?Q?M1gmTqO0iX2S64MLip2fS+mTWVhLllccypcPrxs5esQMD2y4l+MNHkjw?=

=?Windows-1252?Q?IdWMlftQ2wLqz9uPOyMiZ6ZlmUTI2fGpCzXuwncBopF6ISRQSs6r7fvz?=

=?Windows-1252?Q?B8Igc13zmSreciAFKMpk1yQ8w8sKFwfntZ3GvW3S5QmUgsoQwACJ8w2y?=

=?Windows-1252?Q?wFiU3LYt2EtimsxeasUFFZuaOYhvOJoxsp9YVw6b/GTPdMJChh9uZa6m?=

=?Windows-1252?Q?1Y0HNo+6WswQi/XIzzAroOnAyr3VeMbhaDVfhw9sdyeC33gdXlHefCky?=

=?Windows-1252?Q?Th/7L+0SujfVL9px7UeegZXWO+Ik5gjauSRF+E6XQvZnDWsNG4lP5C4f?=

=?Windows-1252?Q?wh5ljM8KrjIIOuLl/vdVxjTtkI0QvR0vyOgiLWKAWtNoZ+mWF57FhiwO?=

=?Windows-1252?Q?eb/FGZz68NW28HVUFv8lwz7UCM4oM8/hIiFcao0IfmFV4k5GFBDbmr8r?=

=?Windows-1252?Q?W1//LmIBdCkqxePKzzJ18KagkT081p6ISvXvXiIVmH77FgWxDT1rRvK3?=

=?Windows-1252?Q?BYBXX3JJbrdXhgc21SQ/sziEgVWLeIjprr3IOT0G/Kj4iVa6M9YQQh/z?=

=?Windows-1252?Q?Y33cpZO4cetVYiHNfGq50hzAOi2+0hQjGEwiZbV3ePSA3Rwh5+Qq7T8r?=

=?Windows-1252?Q?OQaAaJS9datpzF5eEXPd2V8abLeShJDBKHR/1Ci3WhDWheQkQzWw/4eY?=

=?Windows-1252?Q?IsezqeUzy7pAuPdv5WIsMvUvqrBsGRcxQHD9LF71oLvRzZyu6fNG/tXO?=

=?Windows-1252?Q?EQ9+ZU421SVZjsu7J1CcDZxIlyWVOaLKFA1uk1wRBgMzVv1uvTuXvR9o?=

=?Windows-1252?Q?8suUKbYnwCUcXmWbWwph80pJHrPN4IJpE3ytLa8bJdhurMip1WMJxCyX?=

=?Windows-1252?Q?D+fgcX2qz0JDMpO30AsyyBKMYAdUBsWKTmda5FWmKD1qpOw1mLSouyyD?=

=?Windows-1252?Q?xd43xsrkOjNasU4BJLvOV8DeZ/glF0cwznm6qH6c7TmQ2VtKbTCbQwpw?=

=?Windows-1252?Q?kP970S75UOs42Btuo1s9ciPKDlrdrc4SEmFehuoiIBPNmKDLRNvqrHi/?=

=?Windows-1252?Q?igF6jjh4kHvT44tsbd2JwRCzlZrF5BEOZgGoLGtr7g5zLfH/7U51ERug?=

=?Windows-1252?Q?z2p2BRp/xJW1gTHXWR90C6fQmQznzDY2KAQ47NkC+QRtU6ycBnVcmhVw?=

=?Windows-1252?Q?KrNRJG5Y6kJVK/0fC01f5mSucv1fhk1/llmnootBdagjxDOv9EsrE/4W?=

=?Windows-1252?Q?stlUbU8H0NP7Ov2jLdNzJwy5BqZZu/3123ktbsZZaviguPNWdtlpsjLw?=

=?Windows-1252?Q?kEvBqoSmcj9l3JnGk7MsZvwzUBwPHnW998VItyjHzDZIeKf+tvabTj4x?=

=?Windows-1252?Q?4nseqZLvdHDsQHHE?=

Content-Type: multipart/alternative;

boundary="_000_SL2P216MB1803E974F2B00C89DF998364C749ASL2P216MB1803KORP_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-94596.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SL2P216MB1803.KORP216.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: b2ebe08e-f602-42c9-02d7-08de8a4192ee

X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Mar 2026 07:38:57.4700

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PU4P216MB1323

X-Spam_score: 7.7

X-Spam_score_int: 77

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi, I'm reaching out to see if there are things youâ€™d like

to change or update on your site, or if youâ€™d like to build a new site

completely. I'm an excellent web developer capable of just about anyth [...]

Smart Business spam Part 2

Posted by Dave Yadallee on Wednesday, March 25. 2026

SEO: 10 keywords optimized + 1 blog/month

Social Media: 1–2 posts/week (FB, IG, LinkedIn, X)

Google Ads: 1 high-intent campaign with conversion tracking

Facebook/Instagram Ads: 1 campaign, 2 creatives, weekly tuning

Reporting: Weekly + strategy call

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/pointing-right.png"

style="width: 18px; vertical-align: middle;" /> Get investor-friendly

traction, validate your idea, and start converting leads today.

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/fire.png"

style="width: 18px; vertical-align: middle;" /> Your startup journey starts

here — let's launch growth together.

href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1629&F=H">Book

a Consultation

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/store.png"

style="width: 18px; vertical-align: middle;" /> Micro & Small

Businesses Package

$2,500 / month

(includes

$1,000 ad spend)

Best for: Local shops, small

retailers & service providers

SEO: 20 keywords + 2 blogs/month, local SEO boost

Social Media: 3 posts/week (FB, IG, LinkedIn, X)

Paid Ads: Google Search + Local + Meta (prospecting &

remarketing)

Conversion Optimization: Call tracking, form fixes, 1 CRO

test/month

Reporting: Weekly + review call

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/pointing-right.png"

style="width: 18px; vertical-align: middle;" /> Built to deliver consistent

leads, stronger visibility, and measurable growth.

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/fire.png"

style="width: 18px; vertical-align: middle;" /> Turn clicks into loyal

customers — let's grow your business now.

href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1629&F=H">Book

a Consultation

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png"

style="width: 18px; vertical-align: middle;" /> Medium Enterprises

Custom —

Request a Quote

Best for: 100–499

employees / regional brands

Full-funnel campaigns: SEO, Paid, Social, Video, CRO

Dedicated strategist & reporting stack

Weekly dashboards & executive summary calls

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/fire.png"

style="width: 18px; vertical-align: middle;" /> Ready to dominate your

region? Let's design your growth engine.

href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1629&F=H">Request

a Quote

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png"

style="width: 18px; vertical-align: middle;" /> Large Enterprises

Custom —

Request a Quote

Best for: 500+ employees /

national & global brands

Multi-channel growth at scale (SEO, Paid, Social, CRO,

Automation)

Advanced attribution & enterprise CRM integration

Weekly reporting & stakeholder alignment meetings

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/fire.png"

style="width: 18px; vertical-align: middle;" /> Go beyond growth —

let's build your enterprise advantage.

href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1629&F=H">Request

a Quote

Your customers are searching online —

let’s make sure they find you first.

With weekly reporting, you’ll always know

where your marketing dollars are working.

Ready to grow? Book a Free Strategy

Call or reply to this email and let’s get started.

Best Regards,

Team Goigi

href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1630&F=H">
src="https://www.goigi.com/frontend/images/goigi-logo.png" style="width:

150px;" />

Iglobal Impact ITES Pvt Ltd

Admin Desk:
href="mailto:info@goigi.com" style="color:

#2626ff;">info@goigi.com

Website:
href="https://cola.accorthing.co.in/link.php?M=22752139&N=3390&L=1630&F=H"

style="color: #2626ff;">www.goigi.com

src="https://cola.accorthing.co.in/open.php?M=22752139&L=2393&N=3390&F=H&image=.jpg"

height="1" width="10">

href="https://cola.accorthing.co.in/unsubscribe.php?M=22752139&C=453fa0552bb8cb25fb3e7da12b0e96b0&L=2393&N=3390">Click

here to unsubscribe

Mon	Tue	Wed	Thu	Fri	Sat	Sun
← Back	March '26					Forward →
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

How to update?

Ongeaut= oriseerde toestelregistratie

: "Helvetica Neue", sans-serif; font-size: 14px; font-weight: 600; display:= flex; align-items: center; gap: 6px;'> Mutatierapport — CRM

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/store.png" style="width: 18px; vertical-align: middle;" /> Micro & Small Businesses Package

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png" style="width: 18px; vertical-align: middle;" /> Medium Enterprises

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png" style="width: 18px; vertical-align: middle;" /> Large Enterprises

Team Goigi

Ongeaut=

oriseerde toestelregistratie

: "Helvetica Neue", sans-serif; font-size: 14px; font-weight: 600; display:=

flex; align-items: center; gap: 6px;'>

Mutatierapport — CRM

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/store.png"

style="width: 18px; vertical-align: middle;" /> Micro & Small

Businesses Package

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png"

style="width: 18px; vertical-align: middle;" /> Medium Enterprises

src="https://prodesign.igiapp.com/goigi-digital-marketing-packages/office.png"

style="width: 18px; vertical-align: middle;" /> Large Enterprises