Phishing Phorm

  • Profile Image
    Israel Hsu
    Asked on November 28, 2011 at 04:07 AM

    I received an email that redirected me to a form on your site that looks like a phishing attack. The form is at


    The email is:

    Return-Path: <> Received: from ( []) by (8.13.8+Sun/8.13.8/UCLACS-6.0) with ESMTP id pAS6QWQn008953 for <>; Sun, 27 Nov 2011 22:26:32 -0800 (PST) Received: by (Postfix) id 84C3C253D6; Sun, 27 Nov 2011 22:26:32 -0800 (PST) Delivered-To: Received: from ( []) by (Postfix) with ESMTP id 58AB9253D3 for <>; Sun, 27 Nov 2011 22:26:32 -0800 (PST) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ak13ACQp007AqMjO/2dsb2JhbABEgn0BEpwTA4pCAQEWgQaBBYEMAUsBASY0TwQDECCBGoYKghSLR4o4kByFXIkFhzIPdoIrBIdwjFqFYIR3gmYBhh8B X-IronPort-AV: E=Sophos;i="4.69,582,1315195200"; d="scan'208";a="2951193" X-SBRS: None Received: from unknown (HELO ([]) by with SMTP; 28 Nov 2011 01:26:31 -0500 To: (Recipient List Suppressed) Sender: From: Reply-to: Subject: WARNING! X-Mailer: Cogeco Webmail - complaints to ( - ) X-Originating-IP: Date: Sun, 27 Nov 2011 18:26:31 -1200 X-Priority: 3 (Normal) Message-id: <> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printableYour Email Has Reach its set quota, copy or paste the link below and fill out the required details toavoid lost of your UCLA account. of California, Los Angeles Ucla Helpdesk Centre Copyright =a92011
  • Profile Image
    Answered on November 28, 2011 at 04:11 AM

    Hi Israel,

    I have now suspended the account where the form is connected to. Thank you so much for reporting.