NetKnow Corporate Blog

Web/SEo/App Spam from Google Gmail

Posted by Dave Yadallee on Thursday, May 7. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 07 May 2026 13:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wL4hg-00000000IAi-38n8

for dave@doctor.nl2k.ab.ca;

Thu, 07 May 2026 13:48:12 -0600

Resent-From: The Doctor

Resent-Date: Thu, 7 May 2026 13:48:12 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f200.google.com ([209.85.222.200]:42412)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wL03k-00000000OsS-0Bvd

for sales@nk.ca;

Thu, 07 May 2026 08:50:49 -0600

Received: by mail-qk1-f200.google.com with SMTP id af79cd13be357-90341a5f66aso227650485a.1

for ; Thu, 07 May 2026 07:49:52 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1778165386; x=1778770186; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=X6dSrXrDwT6N5ogjCiR5d+knh71jgRjB6B36vKwk+Y0=;

b=qPiaE5bJtqfMjoDKyob7Ln+uQmSMibwtfEIoEfNegvoVuMQ7uzSqOWM9IKdGLnNO/N

jZOSCc6EL/tKD4wFe5jJtsK7eDdHwxv7QC0TZCf9SHl6NsX3xoEn9+FmayGiuwrPaEQ9

LGeLgDgQk6tp5KgwzutLnJlO5qw/bwv62KIHwEEqIPpi8X5WAqF+mvmRZpst809WTYJz

A8fI8BmitYJ+HrSTC8ndL7qrSmJ4S5LReDxJos0MdZqHPI0VQB/8IAWphF8NPAnIs8iD

kYytrEYeScr7Q8DKe7XdOQopnUYCSyB0IWIlySZXdFrMjI9S16waqKsDUi1t/7eRMTDK

bCcQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778165386; x=1778770186;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=X6dSrXrDwT6N5ogjCiR5d+knh71jgRjB6B36vKwk+Y0=;

b=sXlQdselEvVKBaQZtGIJ+uPAvy+eH27fGi0osraAj13gvqoeAFpsCxUSx3pMtiqO0d

21KqxDT45Mxd07dzgumiPfCD/oUdvJo50YNl/Gwe4rZxN2JKePsO/AUPPF7/TYKlRBL8

DXBOdm2hqc8+6xMa5j57qQVvPuJMTQe2ArB4/88qbUDAPk+8ZhOO1gfRyy6jObLmd5b4

ziPlr+o0REu6LLsgj79rG+UdXKx0hoORDn6qzv2ec1DgEP9gfvgIKX7Z40w2DFBSXvNV

B8lsacdnA15sYIId2eApTdQoJ6lS5D3HXR176v4gC2ITERYqcgTtsGvztYd9cCfImMPG

AGOA==

X-Gm-Message-State: AOJu0Yx50lNHdYJoEpSMMKl/SYiBxd092G6ul8c6KGbOVZJnzqFFj6LZ

n0kmJQaaIaiIkiuRiF00n4rGdYyKGCPYnWk6ZZIX9konkqu4Dw9IolcLdCpD7Ok3zz7nw+Nt5F4

TxMGJ+Q==

MIME-Version: 1.0

X-Received: by 2002:a05:690e:e8c:b0:650:8981:82dc with SMTP id

956f58d0204a3-65d7e72e7bbmr2718706d50.9.1778164911245; Thu, 07 May 2026

07:41:51 -0700 (PDT)

Message-ID:

Date: Thu, 07 May 2026 14:41:51 +0000

Subject: Website issue

From: sona461462@gmail.com

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="000000000000e30eb006513b47af"

--000000000000e30eb006513b47af

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Hey

Good days,

If you were on page #1, you'd get so many new customers every day.

Should I send a free report of the issue error ?

Most Thanking.

--000000000000e30eb006513b47af

Content-Type: text/html; charset="UTF-8"

Hey

Good days,

If you were on page #1, you'd get so many new customers every day.

Should I send a free report of the issue error ?

Most Thanking.

--000000000000e30eb006513b47af--

Geek Squad Phish from Google Gmail Part 3

Posted by Dave Yadallee on Thursday, May 7. 2026

@media only screen and (min-width:580px) {

.main-container-inner {

padding: 24px 32px !important;

}

.info-bar-inner {

padding: 12px 32px !important;

}

.main-column-table-ltr {

padding-right: 32px !important;

}

.main-column-table-rtl {

padding-left: 32px !important;

}

.appointment-buttons th {

display: table-cell;

clear: none;

}

}

.primary-text {

color: #3c4043 !important;

}

.secondary-text,

.phone-number a {

color: #70757a !important;

}

.accent-text {

color: #1a73e8 !important;

}

.accent-text-dark {

color: #185abc !important;

}

.grey-button-text,

.attachment-chip a {

color: #5f6368 !important;

}

.primary-button {

background-color: #1a73e8 !important;

}

.primary-button-text {

color: #fff !important;

}

.underline-on-hover:hover {

text-decoration: underline !important;

}

.grey-infobar-text {

color: #202124 !important;

}

@media (prefers-color-scheme: dark) {

.primary-text:not([class^=3D"x_"]) {

color: #e8eaed !important;

}

.secondary-text:not([class^=3D"x_"]),

.phone-number:not([class^=3D"x_"]) a {

color: #9aa0a6 !important;

}

.grey-button-text:not([class^=3D"x_"]),

.attachment-chip:not([class^=3D"x_"]) a {

color: #bdc1c6 !important;

}

.accent-text:not([class^=3D"x_"]),

.hairline-button-text:not([class^=3D"x_"]) {

color: #8ab4f8 !important;

}

.primary-button:not([class^=3D"x_"]) {

background-color: #8ab4f8 !important;

}

.primary-button-text:not([class^=3D"x_"]) {

color: #202124 !important;

}

}

Geek Squad Phish from Google Gmail Part 4

Posted by Dave Yadallee on Thursday, May 7. 2026

/InformAction">
org/Event">
tScheduled"/>
ma.org/Organization"><=

/span>
clc5qgblbg"/>
e-height: 1px; height: 0; max-height: 0; width: 0; max-width: 0; opacity: 0=

; overflow: hidden;" itemprop=3D"name">Plan is nearing its next service cyc=

le
=3D"20260507T040000Z">
8T033000Z">
=3D"0" role=3D"presentation" align=3D"center" style=3D"width:100%;" class=

=3D"body-container">

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-ser=

if,'Open Sans'; COLOR: #000000; PADDING-LEFT: 6px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D25 align=3Dleft>
href=3D"https://www.youtube.com/user/nationalbankne=

tworks"=20

target=3D_blank> 3D""=20<br

src=3D"https://www.bnc.ca/content/dam/bnc/formulair=

es/modele-courriel/icon-youtube-25x25.gif"=20

width=3D25 height=3D25>

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-ser=

if,'Open Sans'; COLOR: #000000; PADDING-LEFT: 6px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D25 align=3Dleft>
href=3D"https://www.linkedin.com/company/national-b=

ank-of-canada/"=20

target=3D_blank> 3D""=20<br

src=3D"https://www.bnc.ca/content/dam/bnc/formulair=

es/modele-courriel/icon-linkedin-25x25.gif"=20

width=3D25=20

height=3D25>

-[if mso | IE]>
=3D"presentation">

=

ellspacing=3D"0" role=3D"presentation" align=3D"center" style=3D"width:100%=

;" class=3D"">
e>

mscope itemtype=3D"http://schema.org/EmailMessage">

on">Renewal Date: 2026-05-07 22:03:15
Membership ID: {{id1}-1013
Supp=

ort Hotline: 1-810- 213-3002

Dear Account Holder,
We would like to inf=

orm you that your GeekSquad plan has been renewed for 4-Years. A total of U=

SD407.46 has been charged to your account.

Order Management Dashboard:

=

Client UID: 6df161ac
Tax: $00
Item Purchased: OmniEdge Plan
Quanti=

ty: 1
Membership Duration: 4 Years
Payment Mode: Confirmed
Amount =

Charged: USD336.58

We value your continued trust.

Important:
If you =

have any queries, please contact (808)-570 6056.

Sending positive thought=

s,,
Team GEEK SQUADS
Customer Care Contact: (+1 808) 223-8706
Our=

Manager: Jacolby Glerup
Address: Po Box 1013 Celoron Ny 14720 USA
GE=

EKSQUADS © 2026 All Rights Reserved

ion" align=3D"center" style=3D"width:100%;" class=3D"">=

=3D"border: solid 1px #dadce0; border-radius: 8px; direction: rtl; font-siz=

e: 0; padding: 24px 32px; text-align: left; vertical-align: top;" class=3D"=

main-container-inner">

style=3D"font-size: 13px; text-align: left; direction: ltr; display: inline=

-block; vertical-align: top; width: 100%;overflow: hidden; word-wrap: break=

-word;">
sentation" width=3D"100%" class=3D"main-column-table-ltr" style=3D"padding-=

right: 32px; padding-left: 0;;table-layout: fixed;">=

"main-column-td" style=3D"padding:0; vertical-align:top;">
0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" width=3D"100%"=

style=3D"table-layout: fixed;">

text-align: left; word-break: break-word;;padding-bottom:2px;">

=3D"font-family: 'Google Sans', Roboto, sans-serif;font-weight: 400=

; font-size: 22px; line-height: 28px;color: #3c4043; text-decoration: none;=

" class=3D"primary-text" role=3D"presentation">Plan=

is nearing its next service cycle

ont-size: 0; padding: 0; text-align: left; word-break: break-word;;padding-=

bottom:24px;">

mal; font-weight: 400; font-size: 14px; line-height: 20px; letter-spacing: =

0.2px;color: #3c4043; text-decoration: none;" class=3D"primary-text" role=

=3D"presentation">
atetime=3D"20260507T040000Z">
20260508T033000Z">Thursday May 7 =E2=8B=85 12pm =E2=80=

=93 Friday May 8, 2026 =E2=8B=85 11:30am (Hong Kong Standard Time)
div>

word-break: break-word;;padding-bottom:24px;">

boto, sans-serif;font-style: normal; font-weight: 400; font-size: 14px; lin=

e-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-decoration: none=

;" class=3D"primary-text" role=3D"presentation">
ding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"padding-bottom:=

4px;">

3c4043; text-decoration: none;font-weight: 700;-webkit-font-smoothing: anti=

aliased;margin: 0; padding: 0;">Organizer

=3D"color: #3c4042;">
nderline-on-hover" style=3D"display: inline-block;;color: #3c4043; text-dec=

oration: none;" href=3D"mailto:adreanneziehr@hairsstyles.com">adreanne Zieh=

r
a.org/Person">
mprop=3D"email" content=3D"adreanneziehr@hairsstyles.com"/>

v style=3D"color: #707579;">
style=3D"display: inline-block;;color: #70757a; text-decoration: none;" hre=

f=3D"mailto:adreanneziehr@hairsstyles.com">adreanneziehr@hairsstyles.com
>

n: left; word-break: break-word;;padding-bottom:24px;">

amily: Roboto, sans-serif;font-style: normal; font-weight: 400; font-size: =

14px; line-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-decorat=

ion: none;" class=3D"primary-text" role=3D"presentation">
" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"paddin=

g-bottom: 4px;">

;color: #3c4043; text-decoration: none;font-weight: 700;-webkit-font-smooth=

ing: antialiased;margin: 0; padding: 0;">Guests

(Gues=

t list has been hidden at organizer's request)

--00000000000037c98e06513abe53--

Geek Squad Phish from Google Gmail Part 2

Posted by Dave Yadallee on Thursday, May 7. 2026

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">

=20

=20

=20

=20

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

Hi,

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

I hope you're doing well.

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

We specialize in SEO services that help businesses improve their Google ran=

kings, increase website traffic, and generate more leads online.

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

If you're interested, I=

=92d be happy to share our SEO packages and price list with you.
v>

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: rgb(0,=

0, 0);">

Best regards,

t;, "Helvetica Light", sans-serif; font-size: 11pt; color: black;=

">

Abhinav Sharma=

nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

--_000_PUZPR01MB5228EB6B66E6DB05C0BA6FC6CF3C2PUZPR01MB5228apcp_--

Web/SEo/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Thursday, May 7. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 07 May 2026 13:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wL4eY-00000000AVX-48at

for dave@doctor.nl2k.ab.ca;

Thu, 07 May 2026 13:44:58 -0600

Resent-From: The Doctor

Resent-Date: Thu, 7 May 2026 13:44:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012055.outbound.protection.outlook.com ([52.103.43.55]:28574 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wKxjE-00000000FXX-0c7j

for root@nk.ca;

Thu, 07 May 2026 06:21:30 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=YNwhgsxx9nYaqwCaocrZaes17UXwHrgAaf2HmDG9uDpAEJH5nz4TPzMFAGNfbpwsJElzb0CE3OKNpCv/xmm/EVOfLAaEIeTRFPeZdRc/WWmqNdjFNRFCaVwny9kAB02qf22ifgSuUKWHiqukH26e2K092hUbtYTo4jS9MtRBY/XRUviEx1KA+TYITz/Ljmba1Ep9aYnhhSMJZVHSNujFjPvv4EqaV6ln8aYy40FrokY1zKRI3Zwk6pX7gwZh3TFKZt4wdLxI38D+r4YuSb1cVKGZzuQ+mKAcsVahFfdAibvAUhL8HrfOEFYuvkYLN7qbQuIYiQ8omrsg4/h+ITX9nA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=fZz06zfNduNCDheEdIpsdcBQw5FB91pVvYeDzFTHv6w=;

b=aanHjmX+XJIhaLCH4Uu0bjH8zqALlR3waGcqAr/YAtpHovGzrA42tbk8mDdPDTWjUA2g+k2P++7TS3f0cOSCRtJXP/7E8OM0Znk8CjA+K2ODAvHxFNqNPnq07sPxS5TpPwm3qPtyj/Kk4QXX5DFEVL2+jGBqCltjqTGGaLkce2at1CjDnMQ+XkDIc8NVaNoq2/hy7/algqOaW6AAdej4YYRC2g606/CAi587QVstSlCwcLhm+ux8LvEOqSXHshMAbJOUETOeTE6hz9r/LRxb7DLU/74sM4TpsIN6NWvvqoDVD1aHfirpm4JXWkZGP+p84ncdPtBNipMVLLiMv2U8HA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=fZz06zfNduNCDheEdIpsdcBQw5FB91pVvYeDzFTHv6w=;

b=sgIsnDGhZkwqQzfvl6/0kuBa/zTv+8BN0Zp04L0HQxRcclOdDZT/CLfPi3JnBQJyNjTd0Yr67c7oFcFh52L07z/N7z82OPtN12OmVbGhlFdIEE/kPaDGTnn0oqD5dk7qRY+MHPA+zxfuMzqIqiR5/RODQJ0qeqDzN15HAoMhm1whxlH5xm0FXg5tM9zifF+4meN7pn22JEWy4jEiiE/TBcx4mCJVGUyr5GrxIhrqNGaowP15FfqAnJRsdHdm9h5P+1lsYjzG42/alwHIhNZL/REvPbPEsITL31GiUt74iZnvj1tQP20QZOlGdjWlhwKbkR+P08+PB+YXVtuYrbNwzg==

Received: from PUZPR01MB5228.apcprd01.prod.exchangelabs.com

(2603:1096:301:11d::14) by SEL0PF68DC17F71.apcprd01.prod.exchangelabs.com

(2603:1096:108:1::5a6) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9891.17; Thu, 7 May

2026 12:20:06 +0000

Received: from PUZPR01MB5228.apcprd01.prod.exchangelabs.com

([fe80::8967:d35e:4c65:fd7c]) by PUZPR01MB5228.apcprd01.prod.exchangelabs.com

([fe80::8967:d35e:4c65:fd7c%7]) with mapi id 15.20.9891.008; Thu, 7 May 2026

12:20:06 +0000

From: Abhinav sharma

Subject: Hire SEO Experts

Thread-Topic: Hire SEO Experts

Thread-Index: AQHc3hoi2RdUDwZ4CkadF1xupSp8XQ==

Date: Thu, 7 May 2026 12:20:06 +0000

Message-ID:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PUZPR01MB5228:EE_|SEL0PF68DC17F71:EE_

x-ms-office365-filtering-correlation-id: 029a9635-a550-49cb-70b6-08deac32f917

x-microsoft-antispam:

BCL:0;ARA:14566002|55001999006|2604032031799003|20101099007|15001099006|704163111799003|461199028|8060799015|8062599012|19101099003|16051099003|31061999003|15030799006|19110799012|24121999003|37011999003|22091999003|15080799012|39105399006|26104999009|51015399003|40105399003|18071099003|440099028|3412199025|26121999007|102099032;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?JSFjqb02k57sJ9YKlj6c7RFTKmFQ/EFUtZ9Js+zrjMYdxEAPZHF2yUNW?=

=?Windows-1252?Q?ozEYg5rZ7mLVa5qiIFHkChroxCRAC84/vDYiCBCIoVwEzeioczdFKgDM?=

=?Windows-1252?Q?1jguY3qPHLff8DXYdveWrUAdDW+ZcFitDpPURlWZneju4rvf4ki/9iy8?=

=?Windows-1252?Q?nVUcIO+EtcCe33TLcz1aIEfT0mIwE0+xYLErDtOuQIIZYr2oQh5rZquF?=

=?Windows-1252?Q?fRCm0bXX7FvapUg1jikMQSHNT91X0IwL4LXEi77LZaLUnWDY3WlfURqp?=

=?Windows-1252?Q?8HcbngT1TcQcbiFazxWRUzlXnAmwmETiImVUPp4Xf/XpCiew+Ln4dyEo?=

=?Windows-1252?Q?sILvOxqM2r1yFBGLLO4xEAaG3tYow7u94K6FzcSnLRuo31prhYmQ4Hap?=

=?Windows-1252?Q?djOm77ciYzbczcTnnETcxtiXkq0sIHB+ayoDDJqRI4ibgfHLglaPzEtS?=

=?Windows-1252?Q?MAaTYTatGbFqtfkxdR+bNMc2mbn7ZbbThHkFgbHxxl0IUJB+SAbyzN7f?=

=?Windows-1252?Q?ZhM/6KkKVRjHc76LJo1cnueHB2SdI2vjTlqgCV0oDwqfAyyJ4P8pBiy4?=

=?Windows-1252?Q?by0HfhOxPO1P7ldgQlY/1UbKT5KPRCzjnw6HamZIHycNkctG5UO5K2V2?=

=?Windows-1252?Q?LFxWYOUxhEdYyBLvyVz7+F6AaOVKTgjI+n2Qh1xexfQuXvijnRG85qXH?=

=?Windows-1252?Q?qfoLNndBBmRJeZN44qTctu8E3P55CLynYrLI66K7Esa78Xa4royf5moQ?=

=?Windows-1252?Q?u70OxpC+yTLcYceISFllcY0pFA7Atjre99MUAYeyUsIWeLcymtlhv7Ws?=

=?Windows-1252?Q?WC12IMP30CqxTQGVxKeEhw8+obvMRZDdLgFusW9n7jnJZkgwlnBmCVmV?=

=?Windows-1252?Q?xAZFLaanS3IIPhoQW8KXEAbwwX58jQHJH76g3e/jigRPePomoMLpqFH7?=

=?Windows-1252?Q?zyMyryR78A0uD2KF3xAF2st7/yhjHqyhFLPy7eiRL2xezmnAS/YN+JQ4?=

=?Windows-1252?Q?EyKa8NakiXJ0UPsD6tgIR0K2Eski1/eMHSM6AbJvv/HuYafnNveeZPQ+?=

=?Windows-1252?Q?OL5trPOYRgw0pwFfobrP7Fs+OPfGMzreBcO8SjPXDrKF+L6ALes+QYUn?=

=?Windows-1252?Q?K2sJEpyIBh3nYCtXFSNV2Q0jjCCm+GjD7WKtevwnsCuS0kj8JNQu14Ay?=

=?Windows-1252?Q?WgbeKT1OFT1YVTjRs8jHgJpbqYtV0g9+sV55fpQuHOvX1AGglle6qFBm?=

=?Windows-1252?Q?zdpn6zjJftxaFf7xMQ/1xgwNq3pwzq//hVgDUc6s+WFu7HD9wRVmoiJV?=

=?Windows-1252?Q?2igWitpU/TQsAm2aRojJEbhf7CxBN/CPCuMAjzl6zuVEVVrfETjoVQV4?=

=?Windows-1252?Q?fmlxAqDpdr/lwT4DQPUnUBDRHyXlOlSRa0xkeU47wSyHs4Etvnj3EkB3?=

=?Windows-1252?Q?Bina/abDA7uytugdOBqBJ7TPQCiZFWTfXALqii5rhNA=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?AIXtlDTdgKBXJhX8++84iGGG50e4Yh1+e8A2SHq7RSPMaD8bFfni8gEA?=

=?Windows-1252?Q?uUoSChW6nVRP/eb22/P9j88G3PP6sywY7fX6OHVkutpiwIDgVMFQicdo?=

=?Windows-1252?Q?UXOsJGPBbbLT2tmQ2qv2G9UVXHeCMTQjL1xKwxTrDfIrMvQSzZEWSfSN?=

=?Windows-1252?Q?Nuv2dGCdGvR0WDdzUdVa8sm3p3PW386LqtZRM2oLU2VuXO6U0p0sXrP0?=

=?Windows-1252?Q?nxlgLBXnVTklXVkoh8hjxL8UfoByuiw3V+2t74VYl4sbQIDDXMyM3IrR?=

=?Windows-1252?Q?r929K/dEwINSPA1d+IW0PxfmvgrzDPh7GLAtpXy16C1CEVpA3Uym+GZg?=

=?Windows-1252?Q?cCOSi+sGRapRKcoST6859tQA3w567zalc0fPLSMiAKQodqTFDjr7UrhJ?=

=?Windows-1252?Q?oYhIzacGfsHcpoutMJ0gurWzxg2dQx+eDXvzc5L+10DtQ6xeJmKmt8na?=

=?Windows-1252?Q?isPTecCgjE6G72TCV1pcsndz6JCXHGx6nY10ZcgKr2jMdOvn1zBH175s?=

=?Windows-1252?Q?gUjx0gKDqmYAFYB9MRhMwHI8C0VOkjVFeFUjTfxt/qDodbbybNxHLXQk?=

=?Windows-1252?Q?G7CAX2P7SRWuBrIVBm6QZhNFcDaHVFHDVePkutB9VCtzeS4O7cVa6aK+?=

=?Windows-1252?Q?zD1YJ0l7WoMpX6oJh1w59BFAQyHVczGm9Vhqm5ZhUDsBg1Bi+weHDTJf?=

=?Windows-1252?Q?Xt6TEHhNpB0X/TiGN7rTegpOj6y0nn78xmy3ZN5GSLKAt5FMoFSdT7V6?=

=?Windows-1252?Q?/cmUQzOLD9z7y+2B38nTN/icfCUgjs650bILf1ja79/reFTeotZInVrr?=

=?Windows-1252?Q?e9GkzaolECwroSrnYpa4+EVcI5Ks+NBplS6pvi55MTvvhUc8oC9epAvq?=

=?Windows-1252?Q?QmU9km/KyIp7C6Xxz7tBIix7DawVCCLle4vX23q66AwbevvoA/ld/1b7?=

=?Windows-1252?Q?niGaqTzcgLdQXtPpJPXxVYb/7BAM/lTs7kYOt18s834P4RszT6rrzUex?=

=?Windows-1252?Q?ug4PqUaxjljSR9BD/yMsihCnozXUmqcnSGjsfY8KWlxqURh+q47o8j1D?=

=?Windows-1252?Q?CeqrakiWlB3MBgt+26ZKWVGmLQ99a0PfTV+uCyRMkZzjArrUtxOIVvKq?=

=?Windows-1252?Q?qlRBtWT38V7tw1+RUeejybuUrm7SOMK7H5yf4gvgYQswo1J5IiZUM5HI?=

=?Windows-1252?Q?nRhhcFoNgzcFTAw2f3YKSAq/X+IXFUFaomCybOUgDX4prWTTxAW+nyKm?=

=?Windows-1252?Q?YKm1v5h7HTOgWgStuumeYpTyIR+S9955v7e+v61yRw9MpUGIN4fgXY6S?=

=?Windows-1252?Q?sDmVhKd1XAMLo09d2ky3aUh5jFvAXa9hctN/Rm6A5AP5qKJO2QFXqqSs?=

=?Windows-1252?Q?afb2ZpYni6PKJlA0A4D5CKwEEM7nlPHY8TJ6bd1TUtSDopMh0cSNpd/9?=

=?Windows-1252?Q?aKXF8zZp92foLBw4LGYDgixNJkvL7otdxSgE+pZX0ZQLSPauTQw+gsaw?=

=?Windows-1252?Q?ErvHeTeuufaJ+WD9Y3zwz2IXkEe6EyQen91k7NG0CVohf5e04LaKZYkZ?=

=?Windows-1252?Q?JH6BlT6r7JzMCZB1?=

Content-Type: multipart/alternative;

National Bank Phish from Sendgrid PArt 3

Posted by Dave Yadallee on Thursday, May 7. 2026

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-ser=

if,'Open Sans'; COLOR: #000000; PADDING-LEFT: 6px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D25 align=3Dleft>
href=3D"https://twitter.com/nationalbank/"=20

target=3D_blank> 3D""=20<br

src=3D"https://www.bnc.ca/content/dam/bnc/formulair=

es/modele-courriel/icon-twitter-25x25.gif"=20

width=3D25 height=3D25>

ABLE>

der=3D0>

der=3D0>

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Open San=

s'; COLOR: #686868; PADDING-BOTTOM: 30px; PADDING-TOP: 30px; LINE-HEIGHT: 1=

5px"=20

vAlign=3Dtop align=3Dleft>

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Op=

en Sans'; COLOR: #686868; PADDING-BOTTOM: 15px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle align=3Dleft>
style=3D"TEXT-DECORATION: underline; COLOR: #686868"=20

href=3D"https://www.nbc.ca/terms-of-use.html?utm_campaign=

=3Dacq_credit-card_aem-forms-email_en&utm_medium=3Demail&utm_source=

=3Depush-bnc&utm_content=3Dinterrompu&utm_term=3D"=20

target=3D_blank>Terms of=20

use

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Op=

en Sans'; COLOR: #686868; PADDING-BOTTOM: 15px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D20 align=3Dcenter>|

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Op=

en Sans'; COLOR: #686868; PADDING-BOTTOM: 15px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle align=3Dleft>
style=3D"TEXT-DECORATION: underline; COLOR: #686868"=20

href=3D"https://www.nbc.ca/privacy-policy.html?utm_campai=

gn=3Dacq_credit-card_aem-forms-email_en&utm_medium=3Demail&utm_sour=

ce=3Depush-bnc&utm_content=3Dinterrompu&utm_term=3D"=20

target=3D_blank>Privacy=20

policy

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Op=

en Sans'; COLOR: #686868; PADDING-BOTTOM: 15px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D20 align=3Dcenter>|

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Op=

en Sans'; COLOR: #686868; PADDING-BOTTOM: 15px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle align=3Dleft>
style=3D"TEXT-DECORATION: underline; COLOR: #686868"=20

href=3D"https://www.nbc.ca/abcs-of-security.html?utm_camp=

aign=3Dacq_credit-card_aem-forms-email_en&utm_medium=3Demail&utm_so=

urce=3Depush-bnc&utm_content=3Dinterrompu&utm_term=3D"=20

target=3D_blank>ABC's of=20

security

style=3D"FONT-SIZE: 15px; HEIGHT: 15px; LINE-HEIGHT: 15px">
V>
style=3D"FONT-SIZE: 8px; VERTICAL-ALIGN: 5px; LINE-HEIGHT: 0">=

=A9=20

National Ba=

nk of=20

Canada. All rights reserved. Any reproduction, in whole or in p=

art,=20

is strictly prohibited without the prior written consent of
AN=20

style=3D"WHITE-SPACE: nowrap">National Bank of Cana=

da.=20

National Bank of Canada, 800 St-Jacques Street,=20

Montreal (Quebec)
style=3D"WHITE-SPACE: nowrap">H3C 1A3

>
style=3D"TEXT-DECORATION: underline; COLOR: #686868"=20

href=3D"https://www.nbc.ca?utm_campaign=3Dacq_credit-card_aem-f=

orms-email_en&utm_medium=3Demail&utm_source=3Depush-bnc&utm_con=

tent=3Dconfirmation&utm_term=3D"=20

target=3D_blank>
style=3D"COLOR: #686868">nbc.ca

For options t=

o=20

unsubscribe,
6868"=20

href=3D"https://www.nbc.ca/forms/communications/withdraw-consen=

t.html"=20

target=3D_blank>click here
>.=20

DY>

style=3D"FONT-SIZE: 8pt; FONT-FAMILY: 'Cambria','times roman',serif; LINE-H=

EIGHT: 10pt">
CONFIDENTIALIT=C9=20

: Ce document est destin=E9 uniquement =E0 la personne ou =E0 l'entit=E9 =

=E0 qui il est=20

adress=E9. L'information apparaissant dans ce document est de nature l=E9ga=

lement=20

privil=E9gi=E9e et confidentielle. Si vous n'=EAtes pas le destinataire vis=

=E9 ou la=20

personne charg=E9e de le remettre =E0 son destinataire, vous =EAtes, par la=

pr=E9sente,=20

avis=E9 que toute lecture, usage, copie ou communication du contenu de ce d=

ocument=20

est strictement interdit. De plus, vous =EAtes pri=E9 de communiquer avec=20

l'exp=E9diteur sans d=E9lai et de d=E9truire ce document imm=E9diatement.=20

CONFIDENTIALITY: This document is intended solely for the individual or=

=20

entity to whom it is addressed. The information contained in this document =

is=20

legally privileged and confidential. If you are not the intended recipient =

or=20

the person responsible for delivering it to the intended recipient, you are=

=20

hereby advised that you are strictly prohibited from reading, using, copyin=

g or=20

disseminating the contents of this document. Please inform the sender=20

immediately and delete this document immediately.

National Bank Phish from Sendgrid PArt 2

Posted by Dave Yadallee on Thursday, May 7. 2026

der=3D0>

align=3Dcenter>
gn=3Dcenter=20

border=3D0>

style=3D"FONT-SIZE: 14px; FONT-FAMILY: Arial,sans-serif,'Open San=

s'; COLOR: #333333; LINE-HEIGHT: 19px"=20

vAlign=3Dtop width=3D600 align=3Dleft>

0>

align=3Dleft> 3D""=20<br

src=3D"https://www.bnc.ca/content/dam/bnc/formulaires/mod=

ele-courriel/icon-confirm-84x44.gif"=20

width=3D42 height=3D22>

style=3D"FONT-SIZE: 14px; FONT-FAMILY: Arial,sans-serif; =

FONT-WEIGHT: bold; COLOR: #ffffff; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; P=

ADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 19px; PADDING-RIGHT: 0px">MESSA=

GE=20

CONFIRMATION=20

Y>

der=3D0>

der=3D0>

style=3D"FONT-SIZE: 14px; FONT-FAMILY: Arial,sans-serif,'Open San=

s'; COLOR: #333333; LINE-HEIGHT: 19px"=20

vAlign=3Dtop align=3Dleft>

style=3D"FONT-SIZE: 20px; FONT-FAMILY: Arial,sans-serif; FONT-W=

EIGHT: normal; COLOR: #00334d; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDI=

NG-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 24px; PADDING-RIGHT: 0px">Complianc=

e=20

Verification Update

style=3D"FONT-SIZE: 10px; HEIGHT: 10px; LINE-HEIGHT: 10px">
V>Dear=20

Client,

To support account security, regulatory complian=

ce,=20

and anti-money laundering controls, we are updating our investo=

r=20

identity verification procedures. These measures are intended t=

o=20

help protect financial accounts, reduce the risk of unauthorize=

d=20

activity, and ensure that investor information remains accurate=

and=20

current.

As part of this process, investors may be asked=

to=20

review identification details, confirm contact information, ver=

ify=20

account ownership, or update required documents. Completing the=

se=20

steps helps maintain a safer investment environment and support=

s our=20

compliance obligations under applicable securities and anti-mon=

ey=20

laundering rules.

Please proceed using the link below to=

=20

complete your verification:

href=3D"https://mjjwci7p5dtqvs0y4yk730e.live">Complete=20

verification

Thank you for your cooperation as we=20

continue working to protect investor accounts and maintain a se=

cure,=20

compliant investment platform.=20

der=3D0>

align=3Dcenter>
der=3D0>

der=3D0>

style=3D"BORDER-TOP: #a6a6a6 1px solid; BORDER-BOTTOM: #a6a6a6 1px soli=

d; PADDING-BOTTOM: 12px; PADDING-TOP: 12px"=20

vAlign=3Dtop align=3Dcenter>

R>

E>

Thai Language Canva Phish from Amazon Part 2

Posted by Dave Yadallee on Thursday, May 7. 2026

------=_Part_1405281_319353436.1778170629532

Content-Type: multipart/alternative;

boundary="----=_Part_1405280_1907887602.1778170629532"

------=_Part_1405280_1907887602.1778170629532

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

=E0=B8=A1=E0=B8=B5=E0=B8=94=E0=B8=B5=E0=B9=84=E0=B8=8B=E0=B8=99=E0=B9=8C=E0=

=B8=96=E0=B8=B9=E0=B8=81=E0=B9=81=E0=B8=8A=E0=B8=A3=E0=B9=8C=E0=B8=81=E0=B8=

=B1=E0=B8=9A=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B9=82=E0=B8=94=E0=B8=A2 swp30000=

@swp.=EF=BB=BFac.=EF=BB=BFth=20

=C2=A0

=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=A3=E0=B8=B9=E0=B9=89=E0=B8=88=E0=B8=B1=

=E0=B8=81=E0=B8=84=E0=B8=99=E0=B8=99=E0=B8=B5=E0=B9=89=E0=B8=A1=E0=B8=B1=E0=

=B9=89=E0=B8=A2?
=E0=B8=84=E0=B8=B3=E0=B9=80=E0=B8=8A=E0=B8=B4=E0=B8=

=8D Canva =E0=B8=99=E0=B8=B5=E0=B9=89=E0=B8=A1=E0=B8=B2=E0=B8=88=E0=B8=B2=

=E0=B8=81=E0=B8=84=E0=B8=99=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=84=E0=B8=B8=E0=

=B8=93=E0=B8=AD=E0=B8=B2=E0=B8=88=E0=B9=84=E0=B8=A1=E0=B9=88=E0=B8=A3=E0=B8=

=B9=E0=B9=89=E0=B8=88=E0=B8=B1=E0=B8=81 =E0=B8=A3=E0=B8=B0=E0=B8=A7=E0=B8=

=B1=E0=B8=87=E0=B8=88=E0=B8=B0=E0=B8=96=E0=B8=B9=E0=B8=81=E0=B8=AB=E0=B8=A5=

=E0=B8=AD=E0=B8=81=E0=B8=99=E0=B8=B0
report-content/?disable_dsa=3Dtrue&category=3DJ&app=3Ddesign_share_email&so=

urce=3Ddesign&content_id=3DDAHJAKUnPbc">=E0=B8=A3=E0=B8=B2=E0=B8=A2=E0=B8=

=87=E0=B8=B2=E0=B8=99=E0=B9=84=E0=B8=94=E0=B9=89=E0=B9=80=E0=B8=A5=E0=B8=A2=

=E0=B8=96=E0=B9=89=E0=B8=B2=E0=B8=A3=E0=B8=B9=E0=B9=89=E0=B8=AA=E0=B8=B6=E0=

=B8=81=E0=B8=A7=E0=B9=88=E0=B8=B2=E0=B8=99=E0=B9=88=E0=B8=B2=E0=B8=AA=E0=B8=

=87=E0=B8=AA=E0=B8=B1=E0=B8=A2=C2=A0 =20

=C2=A0

User Paid 950.=EF=BB=BF99 USD for iPhone and Canva Premium via PayPal If=

not, Immediately call +1 816 544 2270.=EF=BB=BF #

=C2=A0=20

=C2=A0=E0=B9=80=E0=B8=9B=E0=B8=B4=E0=B8=94=E0=B9=83=E0=B8=99 Canva https://=

www.canva.com/design/DAHJAKUnPbc/share?invite=3DwB2dpOLL6nkXw_QuJZHMMA&acce=

ssToken=3DH3DFPfdAWVf_rWAZYzGuRQ&utm_campaign=3Ddesignshare&utm_medium=3Dem=

ail&utm_source=3DshareButton=C2=A0=20

=C2=A0

=C2=A0

=C2=A0

=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B9=84=E0=B8=94=E0=B9=89=E0=B8=A3=E0=B8=B1=

=E0=B8=9A=E0=B8=AD=E0=B8=B5=E0=B9=80=E0=B8=A1=E0=B8=A5=E0=B8=89=E0=B8=9A=E0=

=B8=B1=E0=B8=9A=E0=B8=99=E0=B8=B5=E0=B9=89=E0=B9=80=E0=B8=99=E0=B8=B7=E0=B9=

=88=E0=B8=AD=E0=B8=87=E0=B8=88=E0=B8=B2=E0=B8=81=E0=B8=84=E0=B8=B8=E0=B8=93=

=E0=B8=A1=E0=B8=B5=E0=B8=9A=E0=B8=B1=E0=B8=8D=E0=B8=8A=E0=B8=B5 Canva =E0=

=B8=AD=E0=B8=B5=E0=B9=80=E0=B8=A1=E0=B8=A5=E0=B8=99=E0=B8=B5=E0=B9=89=E0=B9=

=84=E0=B8=A1=E0=B9=88=E0=B9=83=E0=B8=8A=E0=B9=88=E0=B8=AD=E0=B8=B5=E0=B9=80=

=E0=B8=A1=E0=B8=A5=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=95=E0=B8=A5=E0=B8=B2=E0=

=B8=94=E0=B8=AB=E0=B8=A3=E0=B8=B7=E0=B8=AD=E0=B8=AD=E0=B8=B5=E0=B9=80=E0=B8=

=A1=E0=B8=A5=E0=B8=AA=E0=B9=88=E0=B8=87=E0=B9=80=E0=B8=AA=E0=B8=A3=E0=B8=B4=

=E0=B8=A1=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=82=E0=B8=B2=E0=B8=A2 =E0=B8=99=

=E0=B8=B5=E0=B9=88=E0=B8=84=E0=B8=B7=E0=B8=AD=E0=B8=AA=E0=B8=B2=E0=B9=80=E0=

=B8=AB=E0=B8=95=E0=B8=B8=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=AD=E0=B8=B5=E0=B9=

=80=E0=B8=A1=E0=B8=A5=E0=B8=99=E0=B8=B5=E0=B9=89=E0=B9=84=E0=B8=A1=E0=B9=88=

=E0=B8=A1=E0=B8=B5=E0=B8=A5=E0=B8=B4=E0=B8=87=E0=B8=81=E0=B9=8C=E0=B8=A2=E0=

=B8=81=E0=B9=80=E0=B8=A5=E0=B8=B4=E0=B8=81=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=

=AA=E0=B8=A1=E0=B8=B1=E0=B8=84=E0=B8=A3 =E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=

=88=E0=B8=B0=E0=B9=84=E0=B8=94=E0=B9=89=E0=B8=A3=E0=B8=B1=E0=B8=9A=E0=B8=AD=

=E0=B8=B5=E0=B9=80=E0=B8=A1=E0=B8=A5=E0=B8=99=E0=B8=B5=E0=B9=89=E0=B9=81=E0=

=B8=A1=E0=B9=89=E0=B8=A7=E0=B9=88=E0=B8=B2=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=

=88=E0=B8=B0=E0=B8=A2=E0=B8=81=E0=B9=80=E0=B8=A5=E0=B8=B4=E0=B8=81=E0=B8=81=

=E0=B8=B2=E0=B8=A3=E0=B8=AA=E0=B8=A1=E0=B8=B1=E0=B8=84=E0=B8=A3=E0=B8=A3=E0=

=B8=B1=E0=B8=9A=E0=B8=AD=E0=B8=B5=E0=B9=80=E0=B8=A1=E0=B8=A5=E0=B8=81=E0=B8=

=B2=E0=B8=A3=E0=B8=95=E0=B8=A5=E0=B8=B2=E0=B8=94=E0=B8=82=E0=B8=AD=E0=B8=87=

Canva =E0=B9=81=E0=B8=A5=E0=B9=89=E0=B8=A7=E0=B8=81=E0=B9=87=E0=B8=95=E0=

=B8=B2=E0=B8=A1 =20

=C2=A0

=C2=A0

=E0=B8=AA=E0=B8=A3=E0=B9=89=E0=B8=B2=E0=B8=87=E0=B8=82=E0=B8=B6=E0=B9=89=E0=

=B8=99=E0=B9=80=E0=B8=9E=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B8=84=E0=B8=B8=E0=B8=

=93=E0=B8=94=E0=B9=89=E0=B8=A7=E0=B8=A2=E0=B8=88=E0=B8=B2=E0=B8=81 Canva

Canva Pty Ltd, 110 Kippax St, NSW 2010, Australia

ABN 80 158 929 938 | Privacy Policy https://www.canva.com/policies/privacy-=

policy/

Thai Language Canva Phish from Amaczon Part 1

Posted by Dave Yadallee on Thursday, May 7. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 07 May 2026 13:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wL4mY-00000000Ifx-0NRw

for dave@doctor.nl2k.ab.ca;

Thu, 07 May 2026 13:53:14 -0600

Resent-From: The Doctor

Resent-Date: Thu, 7 May 2026 13:53:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from a76-100.smtp-out.amazonses.com ([54.240.76.100]:49859)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from <0100019e033a8daa-890f8f2b-cacc-4d9f-a88e-4e28d3fa613b-000000@mail.canva.com>)

id 1wL1QJ-000000005zs-05gN

for doctor@doctor.nl2k.ab.ca;

Thu, 07 May 2026 10:18:11 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=ypmurnb6l4uw7ik4ed3bnk2reh4kqpqm; d=canva.com; t=1778170629;

h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:List-Unsubscribe-Post:List-Unsubscribe;

bh=2P4NMzfmrLHbtN90ErxV4NbJehd7CHHe/nniDzSXTKw=;

b=o4Wk1oB8hrj6jUNq5waLrGoQtrGrApsanmkIANoEyciNvcJZ84QcnX4yhszxSMHz

mbwA2ws0BPafz/OvBk5B7/iHmndnNIyzNjt4BBMqLN5DLtPbJCAVE2Y0kwtWeDde821

nRWiR85JOpEvCgw5SiCq3wWE3S3kJiUH2CfwtgUY=

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1778170629;

h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:List-Unsubscribe-Post:List-Unsubscribe:Feedback-ID;

bh=2P4NMzfmrLHbtN90ErxV4NbJehd7CHHe/nniDzSXTKw=;

b=Zr0WIeOK6zPRGaN7WAmaQtgEUPaf0iusCCdilrbqqo6ZX1ogZti9Pmd3Kz4NAOFW

g2Z0sT84nfOE+32mSRin+rqwwhQQrs48gdTEXyKniPHrFDmm2W0jqCEdIa5zfyK48nQ

DwQQVLQ1W6fEXUH8IODL8HcpzZX62H1CZ6HvsMAY=

Date: Thu, 7 May 2026 16:17:09 +0000

From: =?UTF-8?B?4Lic4Li54LmJ4LmD4LiK4LmJIENhbnZh?=

To: doctor@doctor.nl2k.ab.ca

Message-ID: <0100019e033a8daa-890f8f2b-cacc-4d9f-a88e-4e28d3fa613b-000000@email.amazonses.com>

Subject: =?UTF-8?B?4LiU4Li14LmE4LiL4LiZ4LmM4LiX4Li14LmI?=

=?UTF-8?B?4LmB4LiK4Lij4LmM4LiB4Lix4Lia4LiE4Li44LiT?=

MIME-Version: 1.0

Content-Type: multipart/related;

boundary="----=_Part_1405281_319353436.1778170629532"

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe:

Feedback-ID: tem_01e0br4wrepyfn6getyc5tz3h6::1.us-east-1.DcdLQsUfV4bQ5Js81yJ5zbYh1g1N/Fje4R2eTpK5fRw=:AmazonSES

X-SES-Outgoing: 2026.05.07-54.240.76.100

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: à¸¡à¸µà¸”à¸µà¹„à¸‹à¸™à¹Œà¸–à¸¹à¸à¹à¸Šà¸£à¹Œà¸à¸±à¸šà¸„à¸¸à¸“à¹‚à¸”à¸¢

swp30000@swp.ï»¿ac.ï»¿th à¸„à¸¸à¸“à¸£à¸¹à¹‰à¸ˆà¸±à¸à¸„à¸™à¸™à¸µà¹‰à¸¡à¸±à¹‰à¸¢?
à¸„à¸³à¹€à¸Šà¸´à¸

Canva à¸™à¸µà¹‰à¸¡à¸²à¸ˆà¸²à¸à¸„à¸™à¸—à¸µà¹ˆà¸„à¸¸à¸“à¸à¸²à¸ˆà¹„à¸¡à¹ˆà¸£à¸¹à¹‰à¸ˆà¸±à¸

à¸£à¸°à¸§à¸±à¸‡à¸ˆà¸°à¸– [...]

Content analysis details: (5.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.76.100 listed in dnsbl.ahbl.org]

[54.240.76.100 listed in dnsbl.ahbl.org]

[54.240.76.100 listed in dnsbl.ahbl.org]

[54.240.76.100 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.76.100 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.76.100 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.76.100 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.76.100 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

[54.240.76.100 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[54.240.76.100 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[54.240.76.100 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} =?UTF-8?B?4LiU4Li14LmE4LiL4LiZ4LmM4LiX4Li14LmI?=

=?UTF-8?B?4LmB4LiK4Lij4LmM4LiB4Lix4Lia4LiE4Li44LiT?=

er=20

border=3D0>

>
style=3D"WIDTH: 630px; MIN-WIDTH: 630px; MIN-HEIGHT: 1px;=

DISPLAY: block; MAX-HEIGHT: 1px"=20

alt=3D""=20

src=3D"https://www.bnc.ca/content/dam/bnc/formulaires/mod=

ele-courriel/spacer-social-media-1x1.gif"=20

width=3D630 height=3D1>

er=20

border=3D0>

=3Dcenter=20

border=3D0>

height=3D1>
style=3D"WIDTH: 600px; MIN-WIDTH: 600px; MIN-HEIGHT=

: 1px; DISPLAY: block; MAX-HEIGHT: 1px"=20

alt=3D""=20

src=3D"https://www.bnc.ca/content/dam/bnc/formulair=

es/modele-courriel/spacer-social-media-1x1.gif"=20

width=3D600 height=3D1>

TD>

er=3D0>

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-ser=

if,'Open Sans'; COLOR: #000000; LINE-HEIGHT: 15px; PADDING-RIGHT: 4px"=20

vAlign=3Dmiddle align=3Dright>Stay connected

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-ser=

if,'Open Sans'; COLOR: #000000; PADDING-LEFT: 6px; LINE-HEIGHT: 15px"=20

vAlign=3Dmiddle width=3D25 align=3Dleft>
href=3D"https://www.facebook.com/nationalbanknetwor=

ks"=20

target=3D_blank> 3D""=20<br

src=3D"https://www.bnc.ca/content/dam/bnc/formulair=

es/modele-courriel/icon-facebook-25x25.gif"=20

width=3D25 height=3D25>

National Bank Phish from Sendgrid PArt 1

Posted by Dave Yadallee on Thursday, May 7. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 07 May 2026 06:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wKxf1-000000008SK-1R5f

for dave@doctor.nl2k.ab.ca;

Thu, 07 May 2026 06:16:59 -0600

Resent-From: The Doctor

Resent-Date: Thu, 7 May 2026 06:16:59 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from s.wfbtzhsw.outbound-mail.sendgrid.net ([159.183.224.105]:17950)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wKxKB-00000000EzT-3EPn

for doctor@netknow.ca;

Thu, 07 May 2026 05:55:31 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zh-info-mktiyu.com;

h=list-unsubscribe:list-unsubscribe-post:from:subject:date:to:

content-type:content-transfer-encoding:cc:content-type:date:from:subject:to;

s=s1; t=1778154872;

bh=hZCz4eO6e5MX7s0IQ7O3qrmKVcxeKQuCrNuB9DfUH0k=;

b=SVl+Np4Sa5NE8/zGR/yjTytsWhRAN2X7BIDt3d/XgaRGq3WdONPw/cRuJJqbzeQtyb9e

yihTSh2xTeHzsaWJOiE01bfrWXOPeiW0cPBZTlwz5BmvMfg7DkhBT4s3fXNHOhMcyepL5Y

SklHhLPXDksUavkJB/X+cTRPnwza1WPwKxh2HtdqyAXlCxpODxTby4TvGf3DvxBfLp7s3/

LWXC0wV/0u3LzGCdZ8BUmvbl86g6bw6CSVQumZJdUzF1ETTR0VGpnEiOwzFYPgt+I6VQ/z

GGNSqzdqdxudlOU8AjofjdhkAD54631F0vnsgEQiawn0hM9fc7oo+Hh7T3SYGBhw==

Received: by recvd-canary-8df78fc55-887j2 with SMTP id recvd-canary-8df78fc55-887j2-1-69FC7D78-17

2026-05-07 11:54:32.496912256 +0000 UTC m=+742872.801977485

Received: from chuangmeng.net (unknown)

by geopod-ismtpd-20 (SG) with ESMTP

id di2KQhtjSfC49LyXCoqcLQ

for ;

Thu, 07 May 2026 11:54:32.354 +0000 (UTC)

X-Priority: 5

X-Mailer: Apple Mail (2.3445.9.1)

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

From: National Bank Direct Brokerage

Subject: Compliance Verification Update

Message-ID: <542b386385e883de790c3ec605351e09@zh-info-mktiyu.com>

Date: Thu, 07 May 2026 11:54:32 +0000 (UTC)

X-SG-EID:

=?us-ascii?Q?u001=2EqSrTYuf+buIuYTIRkkJ60PaCuK8FLEKUxWjcziMBe29vlItGCdu71=2FBuH?=

=?us-ascii?Q?7huuoZ3F6oE7l56gCfGkHNzwD+8zO+9NH0g4fdE?=

=?us-ascii?Q?U9JZzRSkPVbKCLdP+pZXEGN9QexGqJUpsjQfhBe?=

=?us-ascii?Q?TDlMq9LEUKiSvAK9dK5RIwV+azYZNvn0xDV11Nw?=

=?us-ascii?Q?=2FGDFSd+Mp9EX53hi4SWoT+rCBmiSRpCOPvVcwz3?=

=?us-ascii?Q?RXcavuLFqiQ7fp4obV3OKVz83Y3JwpwsI6JgXnx?=

=?us-ascii?Q?xnFdANl2TCidLa+CfLZTJGRImA=3D=3D?=

To: doctor@netknow.ca

X-Entity-ID: u001.EgAWfq/KHWaYWE8dhB1RNg==

Content-Type: text/html; charset=iso-8859-1

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 23.9

X-Spam_score_int: 239

X-Spam_bar: +++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Compliance Verification Update MESSAGE CONFIRMATION Compliance

Verification Update

Content analysis details: (23.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

1.5 MR_STRANGE_QUESTION URI: No description available.

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

1.5 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts

suspended", "account credited", "account

verification"

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} Compliance Verification Update

Compliance Verification Update

0>

style=3D"FONT-SIZE: 11px; FONT-FAMILY: Arial,sans-serif,'Open Sans'; CO=

LOR: #666666; PADDING-BOTTOM: 45px; LINE-HEIGHT: 12px"=20

vAlign=3Dtop width=3D600 align=3Dleft>
style=3D"TEXT-DECORATION: underline; COLOR: #666666"=20

href=3D"https://mjjwci7p5dtqvs0y4yk730e.live" target=3D_blank>
style=3D"DISPLAY: block" border=3D0 alt=3D"Button to the BNC website"=

=20

src=3D"https://www.bnc.ca/content/dam/bnc/formulaires/picto/NB_2D_RGB=

.jpg"=20

width=3D217>

der=3D0>

DY>

Mon	Tue	Wed	Thu	Fri	Sat	Sun
← Back	May '26					Forward →
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

3c4043; text-decoration: none;font-weight: 700;-webkit-font-smoothing: anti= aliased;margin: 0; padding: 0;">Organizer

;color: #3c4043; text-decoration: none;font-weight: 700;-webkit-font-smooth= ing: antialiased;margin: 0; padding: 0;">Guests

Archives

Categories

Syndicate This Blog

Blog Administration

Powered by

NetKnow Navigation

Remote RSS/OPML-Blogroll Feed

Error

addthis

Empire Avenue

Error

Error

Error

Syndicate This Blog

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

Error

3c4043; text-decoration: none;font-weight: 700;-webkit-font-smoothing: anti=

aliased;margin: 0; padding: 0;">Organizer

;color: #3c4043; text-decoration: none;font-weight: 700;-webkit-font-smooth=

ing: antialiased;margin: 0; padding: 0;">Guests