Acum cateva minute am primit un e-mail care pare a fi de la paypal, dar nu este.
Primul lucru care mi-a atras atentia este ca a venit pe adresa care nu am cont paypal.
Acesta e titlul la mesaj:
lately has been much activity detected on your account, you must review before limit
Header mesaj:
Acesta e link din mesaj:
Am incercat sa accesez link de mai sus cu view-source dar m-a redirectionat catre pagina normala si antivirusul a sarit in sus.
Am raportat mesajul la google ca fiind scam.
Primul lucru care mi-a atras atentia este ca a venit pe adresa care nu am cont paypal.
Acesta e titlul la mesaj:
lately has been much activity detected on your account, you must review before limit
Header mesaj:
Cod:
Delivered-To: [email protected]
Received: by 10.36.31.130 with SMTP id d124csp725959itd;
Sun, 4 Oct 2015 10:02:23 -0700 (PDT)
X-Received: by 10.66.164.132 with SMTP id yq4mr34624239pab.8.1443978143633;
Sun, 04 Oct 2015 10:02:23 -0700 (PDT)
Return-Path: <[email protected]>
Received: from p3nlsmtp20.shr.prod.phx3.secureserver.net (p3nlsmtp20.shr.prod.phx3.secureserver.net. [72.167.234.245])
by mx.google.com with ESMTP id fz3si33313799pbd.176.2015.10.04.10.02.23
for <[email protected]>;
Sun, 04 Oct 2015 10:02:23 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 72.167.234.245 as permitted sender) client-ip=72.167.234.245;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 72.167.234.245 as permitted sender) [email protected];
dmarc=fail (p=NONE dis=NONE) header.from=gmail.com
Received: from p3nlhg304.shr.prod.phx3.secureserver.net ([173.201.196.111])
by : HOSTING RELAY : with SMTP
id img3ZNvHwwX5ximg3ZqfqT; Sun, 04 Oct 2015 10:02:23 -0700
Received: from p3nlhg304.shr.prod.phx3.secureserver.net (localhost [127.0.0.1])
by p3nlhg304.shr.prod.phx3.secureserver.net (8.14.4/8.12.11) with ESMTP id t94H2N14018199
for <[email protected]>; Sun, 4 Oct 2015 10:02:23 -0700
Received: (from rj45tech@localhost)
by p3nlhg304.shr.prod.phx3.secureserver.net (8.14.4/8.14.4/Submit) id t94H2Nor018196;
Sun, 4 Oct 2015 10:02:23 -0700
Date: Sun, 4 Oct 2015 10:02:23 -0700
Message-Id: <201510041702.t94H2Nor018196@p3nlhg304.shr.prod.phx3.secureserver.net>
To: [email protected]
Subject: lately has been much activity detected on your account, you must review before limit
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Mailer: EDMAIL R6.00.02
From: [email protected]
X-CMAE-Envelope: MS4wfL8sKYtqR0DJvetll8pFVp4IuOqzazzLNhsSpEM1aM7anMrIqkWWqikmRzzY3fWjq6ffXx87XR4UgYDQZT/WA4lH7XamtX9/liPNyq/L6OuPDDtpoEbtbEvaZMAUr5xjFo8Zq7XxSyG+TYwKYZoRjttgwuTvDF3FtqK3JDvMmt0tP91O3vmqTftNUq70a8ee7q0fQpEuKNUo23L9y9xW/AjqXJQ7rOOydX2HuMOGc9z+GJibz3Ud9BMrNiYDvg3gjw==
<!--
______ ______ _______ _______ _______ .______ ____ ____ ___ .__ __. ______ .__ __. __ _______..___ ___. ___
/ | / __ | | ____|| | _ / / / | | | / __ | | | | | / || / | /
| ,----'| | | | | .--. || |__ | .--. | | |_) | / / / ^ | | | | | | | | | | | | | (----`| / | / ^
| | | | | | | | | || __| | | | | | _ < _ _/ / /_ | . ` | | | | | | . ` | | | | |/| | / /_
| `----.| `--' | | '--' || |____ | '--' | | |_) | | | / _____ | | | | `--' | | | | | | .----) | | | | | / _____
______| ______/ |_______/ |_______||_______/ |______/ |__| /__/ __ |__| __| ______/ |__| __| |__| |_______/ |__| |__| /__/ __
-->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">
<style type="text/css">body { width: 100% !important;}</style>
</head>
<body style="PADDING-BOTTOM: 0px; PADDING-TOP: 40px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BACKGROUND-COLOR: #e9e9e9">
<table style="WIDTH: 100%"> <tbody><tr>
<td style=" BACKGROUND-COLOR: #e9e9e9" align="center">
<table width="600" border="0">
<tbody><tr>
<td> <div>
<table cellspacing="0" cellpadding="0" width="600" border="0">
<tbody>
<tr>
<td style=" BACKGROUND: #ffffff; LINE-HEIGHT: 22px;border-radius: 10px 10px 0px 0px">
<table cellspacing="0" cellpadding="0" width="600" align="left" border="0">
<tbody>
<tr>
<td>
<div style="FONT-SIZE: 14px; FONT-FAMILY: Arial; COLOR: #747474;margin-left:30px">
<p align="left" >
<div style="FONT-SIZE: 10px; FONT-FAMILY: Arial black; COLOR: #919191">
<p style="FONT-SIZE: 22px"><strong><em><font color="#253b80">Pay</font><font color="#179bd7">Pal</font></em></strong><font size="1"><sub>
</sub></font></p></div></p>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
<div><table cellspacing="0" cellpadding="0" width="600" border="0">
<tbody>
<tr>
<td style=" BACKGROUND: #F3F3FF; ; LINE-HEIGHT: 22px">
<table cellspacing="0" cellpadding="0" width="600" align="left" border="0">
<tbody>
<tr>
<td>
<div>
<p align="justify" style="PADDING-LEFT: 30px; PADDING-RIGHT: 30px ;FONT-FAMILY: Arial; COLOR: #747474 ;FONT-SIZE: 15px"><strong>Dear Client,</strong><br>
Warning! Your account has been limited! As part of our
security measures, we proceed regularly screen activity to learn<br>
PayPal recently contacted you after having identified a problem on<br>
your Account. demand information from you for following reason:<br>
-Our system detected unusual charges to a card credit linked to your PayPal account.<br>
<b>What Should i do ? <b>
</p> </div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div><div>
<table cellspacing="0" cellpadding="0" width="600" border="0">
<tbody>
<tr>
<td style=" BACKGROUND: #ffffff; LINE-HEIGHT: 27px">
<table width="600" align="left" border="0">
<tbody>
<tr>
<td>
<div><p style="margin-left:30px"><a onclick="return true" href="update-your-account-informations.repairgymequipment.com/update-your-account-informations/Login" ><span style="FONT-SIZE: 14px; FONT-FAMILY: Arial; WIDTH: 200px; COLOR: #fff; TEXT-ALIGN: center; DISPLAY: inline-block; BACKGROUND-COLOR: #16AEFF;border-radius:7px"><strong>Check it Here</strong></span> </a></p> </div>
</td>
</tr>
</tbody>
</table></td>
</tr>
</tbody>
</table>
</div><div>
<table cellspacing="0" cellpadding="0" width="600" border="0">
<tbody>
<tr>
<td style=" BACKGROUND: #ffffff; LINE-HEIGHT: 22px;border-radius:0px 0px 10px 10px">
<table cellspacing="0" cellpadding="0" width="600" align="left" border="0">
<tbody>
<tr>
<td>
<div style="FONT-SIZE: 11px; FONT-FAMILY: Arial; COLOR: #747474;margin-left:30px;margin-right:30px"><hr size="2" color="#F0F0F0" width="100%">Acesta e link din mesaj:
Cod:
update-your-account-informations.repairgymequipment.com/update-your-account-informations/LoginAm incercat sa accesez link de mai sus cu view-source dar m-a redirectionat catre pagina normala si antivirusul a sarit in sus.
Am raportat mesajul la google ca fiind scam.
aypal, Banca, etc nu dau niciodata clik din email. Intru direct pe adresa site-ului. + ma uit si la HTTPS://
