Jump to content

Honey for phishing


garny
 Share

Recommended Posts

So I have received this email on a account I rearly read. Please feel free to use this info. I hope they get trapped if possible.

Return-Path: <bruno.lucarelli[at]aslromag.it>

Received: from ltpass.cc.bas.bg (ltpass.cc.bas.bg [213.191.193.114])

by ns.math.bas.bg (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id oAODsCNX013905

(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);

Wed, 24 Nov 2010 15:54:12 +0200

Received: from mail.aslromag.it (mail.aslromag.it [80.207.111.136])

by ltpass.cc.bas.bg (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id oAODnm7R020553;

Wed, 24 Nov 2010 15:49:49 +0200

Received: from localhost (localhost [127.0.0.1])

by mail.aslromag.it (Postfix) with ESMTP id 63294F60EC;

Wed, 24 Nov 2010 14:49:41 +0100 (CET)

X-Virus-Scanned: clamav-milter 0.96.3 at mail

Received: from mail.aslromag.it ([127.0.0.1])

by localhost (webtest.romag [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id fDv6SeSD7u25; Wed, 24 Nov 2010 14:49:40 +0100 (CET)

Received: by mail.aslromag.it (Postfix, from userid 103)

id A4786F5393; Wed, 24 Nov 2010 14:49:33 +0100 (CET)

Received: from webtest.romag (webtest.romag [192.168.1.136])

by mail.aslromag.it (Postfix) with ESMTP id 2DB50EFE23;

Wed, 24 Nov 2010 14:49:31 +0100 (CET)

Date: Wed, 24 Nov 2010 14:49:30 +0100 (CET)

From: "I.T. service Desk" <bruno.lucarelli[at]aslromag.it>

Reply-To: "I.T. service Desk" <IT.servicedesk[at]my.sysadmin.it>

Message-ID: <31092090.122331290606570350.JavaMail.root[at]webtest>

Subject: Re: Final Notification.

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [115.133.108.179]

X-Mailer: Zimbra 5.0.14_GA_2850.SuSEES10 (ZimbraWebClient - SAF3 (Win)/5.0.14_GA_2850.SuSEES10)

To: undisclosed-recipients:;

X-Virus-Status: Clean

This message is sent automatically by the computer. If you receive this message it

means that your email address has been queued for deactivation; this was as a result

of a continuous error scri_pt (code: 505) received from this email address. To

resolve this problem you must reset your email address. In order to reset this email

address, you must reply to this e-mail by providing us the following Information for

confirmation.

Current Email Address: { }

Current Email Password: { }

Re-confirm Password: { }

Note: Providing wrong information or ignoring this message will resolve to the

deactivation of this Email Address from our database, we apologize for any

inconvenience.

For urgent assistance you are to contact customer help desk on.

Email: IT[at]my.sysadmin.it

Tel: 1 -800 CONTACTS

Link to comment
Share on other sites

An example of an all too common phishing attack. Feel free to forward a complaint to the administration of that network at abuse[at]business.telecomitalia.it Feel free also to register for a free reporting account with SC and submit similar (more recent) examples so you may go on to send reports to such network administrators through SC and to support the SCbl at the same time. There are also anti-phishing organizations which welcome reports of such activity. And there is KnujOn (look it up) which welcomes/begs for spam. None (including SC) is, unfortunately, going to show immediate effect, far less will they result in the satisfying spectacle of the bright blood and pliable strands of viscera of the guilty parties being splashed all over the landscape. But those measures are going to achieve, quietly, more positive results than posting your spam here. That's not how it works and spam posting is actually discouraged.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...