Suspected phishing attempt

  • Profile Image
    Charlie Sharpsteen
    Asked on October 21, 2011 at 05:06 PM

    Hello,

    Appended to this message is an email sent to one of the mailing lists I am a part of. The email in question appears to be a phishing attempt. I thought you might want to know since the scammer is using a form hosted on your site to gather username/password combinations.

     

    -Charlie

     

    Received: by 10.101.166.10 with SMTP id t10mr2857115ano.46.1319191425056; Fri, 21 Oct 2011 03:03:45 -0700 (PDT) X-BeenThere: macfuse@googlegroups.com Received: by 10.101.163.13 with SMTP id q13ls17818402ano.0.gmail; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received: by 10.101.149.12 with SMTP id b12mr4172645ano.23.1319191421853; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received: by 10.101.149.12 with SMTP id b12mr4172643ano.23.1319191421782; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Return-Path: <daisy.dell...@sea-bi.com> Received: from mail.geimpro.net.br (mail.geimpro.net.br. [187.52.139.52]) by gmr-mx.google.com with ESMTP id g4si287903anh.0.2011.10.21.03.03.10; Fri, 21 Oct 2011 03:03:41 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning daisy.dell...@sea-bi.com does not designate 187.52.139.52 as permitted sender) client-ip=187.52.139.52; Authentication-Results: gmr-mx.google.com; spf=softfail (google.com: domain of transitioning daisy.dell...@sea-bi.com does not designate 187.52.139.52 as permitted sender) smtp.mail=daisy.dell...@sea-bi.com Received: from User (unknown [180.215.137.246]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.geimpro.net.br (Postfix) with ESMTP id D65EF8FFD16E; Fri, 21 Oct 2011 08:02:40 -0200 (BRST) Reply-To: <owner.not...@w.cn> From: "WEBMAIL ACCOUNT"<daisy.dell...@sea-bi.com> Subject: Your mailbox is almost full. Date: Fri, 21 Oct 2011 15:33:03 +0530 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Antivirus: avast! (VPS 111020-2, 10/20/2011), Outbound message X-Antivirus-Status: Clean Message-Id: <20111021100240.D65EF8FFD16E@mail.geimpro.net.br> To: undisclosed-recipients:;This message is from Administration centre Maintenance Policy, Your Web-mail Quota Has Exceeded. Please Click the Link Below To Validate Your Mailbox And Increase Your Quota.CLICK HERE: http://www.jotform.com/form/12931314382Failure To Click This Link And Validate Your Quota May Result In Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.Thank you for your cooperation. Web Mail Technical Services.

  • Profile Image
    AtacanC
    Answered on October 21, 2011 at 05:15 PM

    Hi Charlie,

    Thank you very much for reporting this issue to us. We apologize for any inconvenience this may have caused. The form and the responsible account has been suspended.