Here’s a fake email that is purportedly from PayPal… LOL
—————————————————————————————————-
During our regularly scheduled account maintenance and verification procedure we have detected a
slight error in your PayPal account.
This might be due to the following reasons:
1. A recent change in your personal information (ie. change of address, email address)
2. An inability to accurately verify your selected option of payment due to an internal
error within our systems.
We have attached a form to this email. Please download the form and follow the
instructions on your screen. NOTE: The form needs to be opened in a modern browser which has
javascript enabled (Internet Explorer, Firefox ,Netscape)
Please understand that this is a security measure intended to help protect you and your account.
We apologize for any inconvenience.
If you choose to ignore our request, you leave us no choice but to temporary suspend your account.
Sincerely,
PayPal Account Review Department.
Please do not reply to this e-mail. Mail sent to this address are not monitored.
For assistance, log into your PayPal account and choose the “Help” link in the footer of any page.
—————————————————————————————————-
Pretty funny. I suppose people fall for this. The form asks for my credit card number.
Here’s the header, where the server plainly identifies that it’s forged email…
From – Mon Aug 30 17:48:10 2010
X-Account-Key: account2
X-UIDL: UID2-1282847278
X-Mozilla-Status: 0001
X-Mozilla-Status2: 10000000
X-Mozilla-Keys:
Return-path:
Envelope-to: info@music-city.net
Delivery-date: Mon, 30 Aug 2010 17:13:58 -0500
Received: from bearcomstores.com ([76.12.88.205]:3765 helo=mail.bearcomstores.com)
by gator1153.hostgator.com with esmtp (Exim 4.69)
(envelope-from
id 1OqCc1-00078E-Vo
for info@music-city.net; Mon, 30 Aug 2010 17:13:58 -0500
Received: from UnknownHost [71.54.209.101] by mail.bearcomstores.com with SMTP;
Mon, 30 Aug 2010 14:58:39 -0400
From: “PayPal”
Date: Mon, 30 Aug 2010 13:57:03 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=”—-=_NextPart_000_0121_01C2A9A6.67AB01C2″
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Spam-Status: Yes, score=5.8
X-Spam-Score: 58
X-Spam-Bar: +++++
X-Spam-Report: Spam detection software, running on the system “gator1153.hostgator.com”, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn’t spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: During our regularly scheduled account maintenance and verification
procedure we have detected a slight error in your PayPal account. This might
be due to the following reasons: 1. A recent change in your personal information
(ie. change of address, email address) [...]
Content analysis details: (5.8 points, 5.0 required)
pts rule name description
—- ———————- ————————————————–
0.0 MISSING_MID Missing Message-Id: header
1.6 MISSING_HEADERS Missing To: header
4.2 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
X-Spam-Flag: YES
Subject: [SPAM] Negative Balance
X-Antivirus: AVG for E-mail 9.0.851 [271.1.1/3102]
This is a multi-part message in MIME format.
