PayPal Phish
Posted by Dave Yadallee on
From services@paypalc.com Wed Aug 11 10:20:43 2010
Return-Path: services@paypalc.com
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: ***
X-Spam-Status: No, score=3.1 required=5.0 tests=FORGED_MUA_OUTLOOK
autolearn=no version=3.3.1
X-Original-To: doctor@nl2k.ab.ca
Delivered-To: doctor@nl2k.ab.ca
Received: from localhost (localhost.nl2k.ab.ca [127.0.0.1])
by doctor.nl2k.ab.ca (Postfix) with ESMTP id DF0C512CFAB4
for; Wed, 11 Aug 2010 10:20:43 -0600 (MDT)
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Received: from doctor.nl2k.ab.ca ([127.0.0.1])
by localhost (doctor.nl2k.ab.ca [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id TZgfePZWHki1 for;
Wed, 11 Aug 2010 10:20:40 -0600 (MDT)
Received: from macserver.worldnetwork.com.ar (mx.worldnetwork.com.ar
[190.210.82.1]) by doctor.nl2k.ab.ca (Postfix) with SMTP id E531412CFAB3
for; Wed, 11 Aug 2010 10:20:37 -0600 (MDT)
Received: from User (mail.rm-ha.org [72.243.101.178])
by macserver.worldnetwork.com.ar (Postfix) with ESMTP id 31A8F80E90A5;
Wed, 11 Aug 2010 13:20:21 -0300 (ART)
From: PayPal
Subject: PayPal Security Advisory !
Date: Wed, 11 Aug 2010 12:11:19 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_004B_01C2A9A6.315252A0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20100811162021.31A8F80E90A5@macserver.worldnetwork.com.ar>
To: undisclosed-recipients: ;
Status: RO
Content-Length: 36229
Lines: 618
[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 7bit, Size: 1.0K --]
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
Military Grade Encryption is Only the Start
At PayPal, we want to increase your security and comfort
level with every transaction. From our Buyer and Seller
Protection Policies to our Verification and Reputation
systems, we'll help to keep you safe.
We recently noticed one or more attempts to log in to your
PayPal account from a foreign IP address and we have reasons
to belive that your account was Compromised by a third
party without your authorization.
If you recently accessed your account while traveling, the
unusual log in attempts may have been initiated by you.
However, if you are the rightfull holder of the
account, download the form attached to this email, fill the form
and then submit as we try to verify your identity.
If you choose to ignore our request, you leave us no choise
but to temporaly suspend your account.
We ask that you allow at least 72 hours for the case to be
investigated and we strongly recommend to verefy (sic) your
account in that time.
[-- Attachment #2: PayPal_Form.htm --]
[-- Type: application/octet-stream, Encoding: base64, Size: 34K --]
Content-Type: application/octet-stream;
name="PayPal_Form.htm"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="PayPal_Form.htm"
[-- application/octet-stream is unsupported (use 'v' to view this part) --]
Return-Path: services@paypalc.com
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: ***
X-Spam-Status: No, score=3.1 required=5.0 tests=FORGED_MUA_OUTLOOK
autolearn=no version=3.3.1
X-Original-To: doctor@nl2k.ab.ca
Delivered-To: doctor@nl2k.ab.ca
Received: from localhost (localhost.nl2k.ab.ca [127.0.0.1])
by doctor.nl2k.ab.ca (Postfix) with ESMTP id DF0C512CFAB4
for
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Received: from doctor.nl2k.ab.ca ([127.0.0.1])
by localhost (doctor.nl2k.ab.ca [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id TZgfePZWHki1 for
Wed, 11 Aug 2010 10:20:40 -0600 (MDT)
Received: from macserver.worldnetwork.com.ar (mx.worldnetwork.com.ar
[190.210.82.1]) by doctor.nl2k.ab.ca (Postfix) with SMTP id E531412CFAB3
for
Received: from User (mail.rm-ha.org [72.243.101.178])
by macserver.worldnetwork.com.ar (Postfix) with ESMTP id 31A8F80E90A5;
Wed, 11 Aug 2010 13:20:21 -0300 (ART)
From: PayPal
Subject: PayPal Security Advisory !
Date: Wed, 11 Aug 2010 12:11:19 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_004B_01C2A9A6.315252A0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20100811162021.31A8F80E90A5@macserver.worldnetwork.com.ar>
To: undisclosed-recipients: ;
Status: RO
Content-Length: 36229
Lines: 618
[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 7bit, Size: 1.0K --]
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
Military Grade Encryption is Only the Start
At PayPal, we want to increase your security and comfort
level with every transaction. From our Buyer and Seller
Protection Policies to our Verification and Reputation
systems, we'll help to keep you safe.
We recently noticed one or more attempts to log in to your
PayPal account from a foreign IP address and we have reasons
to belive that your account was Compromised by a third
party without your authorization.
If you recently accessed your account while traveling, the
unusual log in attempts may have been initiated by you.
However, if you are the rightfull holder of the
account, download the form attached to this email, fill the form
and then submit as we try to verify your identity.
If you choose to ignore our request, you leave us no choise
but to temporaly suspend your account.
We ask that you allow at least 72 hours for the case to be
investigated and we strongly recommend to verefy (sic) your
account in that time.
[-- Attachment #2: PayPal_Form.htm --]
[-- Type: application/octet-stream, Encoding: base64, Size: 34K --]
Content-Type: application/octet-stream;
name="PayPal_Form.htm"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="PayPal_Form.htm"
[-- application/octet-stream is unsupported (use 'v' to view this part) --]
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments