Dear client,
You are receiving this message because your subscription for LogMeIn Central has expired.
We were not able to charge you with the due amount because your credit card was declined.
You can download the bill directly from the LogMeIn website:
https://accounts.logme.in/billing.aspx?clusterid=0724&view_bill_id=3716 4647&file_type=doc
Please use another credit card or payment method in order to avoid complete service interruption.
Event type: Credit Card Declined
Account email: *.*
At: 21/11/2016
If you need more help, visit LogMeIn Support at:
http://solutions.logmein. com/SalesContactUs
Important Security Notice:
LogMeIn will never for your password or other sensitive information by email.
(Please don't reply to this email, as it's sent from an address that's not monitored.)
© LogMeIn Inc
Virus analysis :
CLICK : https://accounts.logme.in/billing.aspx?clusterid=0724&view_bill_id=3716 4647&file_type=doc
OPEN : https://reg.vn/en/view_bill.php?id=d2VibWFzdGVyQHJiY2FmZS5jb20=
DOWNLOAD : lgm_bill89831.doc
lgm_bill89831.doc : VIRUS
lgm_bill89831.doc analysis :
SHA256 : fc1f1845e47d4494a02407c524eb0e94b6484045adb783e90406367ae20a83ac
FILE : lgm_bill89831.doc
ALYac : Trojan.Downloader.W97M.Gen
Ad-Aware : W97M.Downloader.ESE
AegisLab : Troj.Downloader.Msword.Agent!c
Arcabit : W97M.Downloader.ESE
BitDefender : W97M.Downloader.ESE
Cyren : W97M/Nastjencro
ESET-NOD32 : VBA/Kryptik.T
Emsisoft : W97M.Downloader.ESE (B)
F-Prot : New or modified W97M/Nastjencro
F-Secure : Trojan:W97M/Nastjencro.A
GData : W97M.Downloader.ESE
Ikarus : Trojan-Downloader.VBA.Agent 20161121
Kaspersky : Trojan-Downloader.MSWord.Agent.auz
McAfee : W97M/Dropper.cu
McAfee-GW-Edition : W97M/Dropper.cu
eScan : W97M.Downloader.ESE
Microsoft : TrojanDownloader:O97M/Donoff!map
Sophos : Troj/DocDl-FQK
Symantec : W97M.Downloader
Tencent : Win32.Trojan.Inject.Auto
TrendMicro : W2KM_HANCITOR.AUSTT
TrendMicro-HouseCall : W2KM_HANCITOR.AUSTT
Email analysis :
NOTE : billing@secure-lgm.com
NOTE : Received : from wsip-70-165-74-172.hr.hr.cox.net
NOTE : (HELO secure-lgm.com) (70.165.74.172)
Tuesday, November 22, 2016
Sunday, January 10, 2016
Update your mobile phone (LogMeIn Phishing)
LogMeIn
Update your mobile phone
Get started with two-step verification
Two-step verification adds a second layer of protection to your account. Just like cash machine that protects your money by requiring a card and a PIN.
How it will protect you
After entering your LogMeIn ID and password, you will also be required to enter a one-time code that you get from a mobile authenticator app or via email or sms.
Get Started
Note: Getting two-step verification enabled is now mandatory to continue using your account, if any account is fails to subscribe two-step verification will be blocked without any further notice.
Replies to this email are not monitored.
Email intended for ***
© LogMeIn Inc, 320 Summer St., Boston MA, 02210
Message ID - ***
***
Phishing analysis :
CLICK : Get Started
OPEN : http://www.infolex.lt/ta/Redirect.aspx?Url=http://accounts.logme.in.login.aspx.clusterid.bioder.com.tr/images/.x/logme/index.php
REDIRECT : http://accounts.logme.in.login.aspx.clusterid.bioder.com.tr/images/.x/logme/index.php
SCREENSHOT :
CLICK : LOG IN
SCREENSHOT :
SCREENSHOT :
Email analysis :
NOTE : test@mg-bielefeld.de
NOTE : client-ip=94.205.155.2;
NOTE : Received : from static.130.139.9.176.clients.your-server.de
NOTE : ([176.9.139.130] helo=[127.0.0.1])
NOTE : by arbfinancial.com
NOTE : Content-Type : multipart/alternative; boundary="--_com.android.email_***
Update your mobile phone
Get started with two-step verification
Two-step verification adds a second layer of protection to your account. Just like cash machine that protects your money by requiring a card and a PIN.
How it will protect you
After entering your LogMeIn ID and password, you will also be required to enter a one-time code that you get from a mobile authenticator app or via email or sms.
Get Started
Note: Getting two-step verification enabled is now mandatory to continue using your account, if any account is fails to subscribe two-step verification will be blocked without any further notice.
Replies to this email are not monitored.
Email intended for ***
© LogMeIn Inc, 320 Summer St., Boston MA, 02210
Message ID - ***
***
Phishing analysis :
CLICK : Get Started
OPEN : http://www.infolex.lt/ta/Redirect.aspx?Url=http://accounts.logme.in.login.aspx.clusterid.bioder.com.tr/images/.x/logme/index.php
REDIRECT : http://accounts.logme.in.login.aspx.clusterid.bioder.com.tr/images/.x/logme/index.php
SCREENSHOT :
CLICK : LOG IN
SCREENSHOT :
SCREENSHOT :
Email analysis :
NOTE : test@mg-bielefeld.de
NOTE : client-ip=94.205.155.2;
NOTE : Received : from static.130.139.9.176.clients.your-server.de
NOTE : ([176.9.139.130] helo=[127.0.0.1])
NOTE : by arbfinancial.com
NOTE : Content-Type : multipart/alternative; boundary="--_com.android.email_***
Subscribe to:
Posts (Atom)