- Charlie SharpsteenAsked on October 21, 2011 at 05:06 PM
Appended to this message is an email sent to one of the mailing lists I am a part of. The email in question appears to be a phishing attempt. I thought you might want to know since the scammer is using a form hosted on your site to gather username/password combinations.
Received: by 10.101.166.10 with SMTP id t10mr2857115ano.46.1319191425056; Fri, 21 Oct 2011 03:03:45 -0700 (PDT) X-BeenThere: firstname.lastname@example.org Received: by 10.101.163.13 with SMTP id q13ls17818402ano.0.gmail; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received: by 10.101.149.12 with SMTP id b12mr4172645ano.23.1319191421853; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received: by 10.101.149.12 with SMTP id b12mr4172643ano.23.1319191421782; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Return-Path: <daisy.dell...@sea-bi.com> Received: from mail.geimpro.net.br (mail.geimpro.net.br. [188.8.131.52]) by gmr-mx.google.com with ESMTP id g4si287903anh.0.2011.10.21.03.03.10; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning daisy.dell...@sea-bi.com does not designate 184.108.40.206 as permitted sender) client-ip=220.127.116.11; Authentication-Results: gmr-mx.google.com; spf=softfail (google.com: domain of transitioning daisy.dell...@sea-bi.com does not designate 18.104.22.168 as permitted sender) smtp.mail=daisy.dell...@sea-bi.com Received: from User (unknown [22.214.171.124]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.geimpro.net.br (Postfix) with ESMTP id D65EF8FFD16E; Fri, 21 Oct 2011 08:02:40 -0200 (BRST) Reply-To: <owner.not...@w.cn> From: "WEBMAIL ACCOUNT"<daisy.dell...@sea-bi.com> Subject: Your mailbox is almost full. Date: Fri, 21 Oct 2011 15:33:03 +0530 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Antivirus: avast! (VPS 111020-2, 10/20/2011), Outbound message X-Antivirus-Status: Clean Message-Id: <20111021100240.D65EF8FFD16E@mail.geimpro.net.br> To: undisclosed-recipients:;This message is from Administration centre Maintenance Policy, Your Web-mail Quota Has Exceeded. Please Click the Link Below To Validate Your Mailbox And Increase Your Quota.CLICK HERE: http://www.jotform.com/form/12931314382Failure To Click This Link And Validate Your Quota May Result In Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.Thank you for your cooperation. Web Mail Technical Services.Page URL:
- AtacanCAnswered on October 21, 2011 at 05:15 PM
Thank you very much for reporting this issue to us. We apologize for any inconvenience this may have caused. The form and the responsible account has been suspended.