More Toronto Dominion Canada Trust Phish
Posted by Dave Yadallee on
From - Sat Dec 24 00:03:52 2011
X-Account-Key: account2
X-UIDL: `ZR"!4GI"!hg7!!ba0"!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: aboo@nk.ca
Delivery-date: Sat, 24 Dec 2011 00:03:10 -0700
Received: from host81-149-54-50.in-addr.btopenworld.com ([81.149.54.50] helo=click-property.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.77)
(envelope-from)
id 1ReLdL-0006e9-NU
for aboo@nk.ca; Sat, 24 Dec 2011 00:03:09 -0700
Received: from User ([207.57.126.179]) by click-property.com with Microsoft SMTPSVC(6.0.3790.4675);
Sat, 24 Dec 2011 07:02:47 +0000
From: "TD Canada Trust"
Subject: Your online account needs resolution
Date: Sat, 24 Dec 2011 08:02:39 -0000
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Message-ID:
X-OriginalArrivalTime: 24 Dec 2011 07:02:48.0676 (UTC) FILETIME=[0B964240:01CCC20A]
X-Spam_score: 5.2
X-Spam_score_int: 52
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear TD Canada Trust Online Banking, You have 1 unread Security
Message! Click here to resolve the problem [...]
Content analysis details: (5.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 BOTNET Relay might be a spambot or virusbot
[botnet0.8,ip=81.149.54.50,rdns=host81-149-54-50.in-addr.btopenworld.com,client,ipinhostname]
0.0 RELAY_CHECKER_IPHOSTNAME Hostname contains IP address
0.0 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
4.2 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
Subject: {SPAM?} Your online account needs resolution
X-UIDL: `ZR"!4GI"!hg7!!ba0"!
<_base_ target="_blank"> base being used for phishing
Sincerely,
TD Canada Trust
Online Banking Security Department Team.
X-Account-Key: account2
X-UIDL: `ZR"!4GI"!hg7!!ba0"!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: aboo@nk.ca
Delivery-date: Sat, 24 Dec 2011 00:03:10 -0700
Received: from host81-149-54-50.in-addr.btopenworld.com ([81.149.54.50] helo=click-property.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.77)
(envelope-from
id 1ReLdL-0006e9-NU
for aboo@nk.ca; Sat, 24 Dec 2011 00:03:09 -0700
Received: from User ([207.57.126.179]) by click-property.com with Microsoft SMTPSVC(6.0.3790.4675);
Sat, 24 Dec 2011 07:02:47 +0000
From: "TD Canada Trust"
Subject: Your online account needs resolution
Date: Sat, 24 Dec 2011 08:02:39 -0000
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Message-ID:
X-OriginalArrivalTime: 24 Dec 2011 07:02:48.0676 (UTC) FILETIME=[0B964240:01CCC20A]
X-Spam_score: 5.2
X-Spam_score_int: 52
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear TD Canada Trust Online Banking, You have 1 unread Security
Message! Click here to resolve the problem [...]
Content analysis details: (5.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 BOTNET Relay might be a spambot or virusbot
[botnet0.8,ip=81.149.54.50,rdns=host81-149-54-50.in-addr.btopenworld.com,client,ipinhostname]
0.0 RELAY_CHECKER_IPHOSTNAME Hostname contains IP address
0.0 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
4.2 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
Subject: {SPAM?} Your online account needs resolution
X-UIDL: `ZR"!4GI"!hg7!!ba0"!
<_base_ target="_blank"> base being used for phishing
Dear TD Canada Trust Online
Banking,
You have 1 unread Security Message!
Sincerely,
TD Canada Trust
Online Banking Security Department Team.
TD Group Financial Services Site - Copyright TD
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments