Madame, Monsieur,
A la requête de votre créancier, PAYPAL (Europe) SARL & Cie- 22-24
Boulevard ROYAL -L-2449 LUXEMBOURG , dont la Easytransac
est le mandataire, vous êtes redevable de la somme de 53,83 EUR
qui représente l'état débiteur de votre compte PayPal à ce jour.
En vertu du mandat qui nous a été confié par PayPal, dans le
cadre d'un recouvrement amiable nous agissons conformément à la loi du
09/07/1991 (art. 32*). Aucun frais ne vous est réclamé à ce stade de la
procédure.
Nature de la créance : Compte PayPal débiteur
MONTANT TTC : 53,83 EUR
Date de limite de paiement : à réception de ce courrier électronique
A défaut de paiement, nous serons contraints de transmettre votre
dossier à notre service juridique chargé d'engager une procédure
contentieuse à votre encontre, et qui pourra éventuellement saisir le
tribunal afin d'obtenir un titre exécutoire, ce qui ajouterait au
principal de la créance les dommages et intérêts légaux, ainsi que ceux
demandés au titre de l'Article 700 du Nouveau Code de Procédure Civile.
Tout paiement doit être adressé à :
Easytransac
15 Rue Auguste Gervais, 92130 Issy-les-Moulineaux, France
Modes de paiement acceptés :
- par virement bancaire:
NOM: Paypal IE
IBAN: IE43PFSR99107013999485
BIC: PFSRIE21
REFERENCE : DEBIT92037357FR
Montant: 53,88 Euro
Note : il est impossible de répondre à ce message électronique pour
raison de sécurité et de confidentialité des informations vous concernant.
« sauf s'ils concernent un acte dont l'accomplissement est prescrit
par la loi, les frais de recouvrement entrepris sans titre exécutoire
restent à la charge du créancier, toute stipulation contraire est
réputée non écrite. Cependant, le créancier qui justifie du caractère
nécessaire des démarches entreprises pour recouvrer sa créance peut
demander au juge de l'exécution de laisser tout ou partie des frais
ainsi exposés à la charge du débiteur de mauvaise foi. »
Conformément à l'art.27 de la loi n°78-17 d'Informatique et Liberté,
vous disposez d'un droit d'accès et de rectification pour les données
nominatives vous concernant auprès de l'émetteur de la présente.
Easytransac au capital de 3 365 000 EUR
15 Rue Auguste Gervais, 92130 Issy-les-Moulineaux, France
Email analysis :
NOTE : spoofing noreply@recouvrement.com
NOTE : 157.230.106.218
NOTE : recouvrement.com
NOTE : WHOIS recouvrement.com
Domain Name: RECOUVREMENT.COM
Registry Domain ID: 1435933_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.ovh.com
Registrar URL: http://www.ovh.com
Updated Date: 2020-12-21T09:54:06Z
Creation Date: 1998-06-17T04:00:00Z
Registry Expiry Date: 2023-06-16T04:00:00Z
Registrar: OVH sas
Registrar IANA ID: 433
Registrar Abuse Contact Email: abuse@ovh.net
Registrar Abuse Contact Phone: +33.972101007
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: CHLOE.NS.CLOUDFLARE.COM
Name Server: JULIO.NS.CLOUDFLARE.COM
DNSSEC: signedDelegation
DNSSEC DS Data: 2371 13 2 C404DEF0800990F7567A91CBE3B57DBCF85000197A828A351EFB3D2C1968CBB1
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
Wednesday, October 26, 2022
Friday, January 5, 2018
Account Notification (PayPal Phishing)
PayPal
Notification : janvier 02, 2018
Beloved , Costumer(s)
Your account acces will be denied because we've noticed significant changes in your activity. As your last payment method, we need to understand these update sbetter.
This account Iimitation will affect your ability to:
Send or receive money
Withdraw money
Also, you won't be able to:
Remove any accounts
Remove credit cards
Close your account
What to do next ?
Please log in to your account and provide the requested information through the Resolution Center. If we don't receive the information before this deadline or we notice additional significant changes in your account activity, your account access may be further Iimited.
Reload my account
Thank you for your understanding and cooperation. If you need further assistance, please check our support case ID
Copyright © 2017 PayPol, Inc. All rights reserved. PayPol is located at 2211 N. First St., San Jose, CA 95131.I'm a new Text block ready for your content.
Phishing screenshot :
Email analysis :
NOTE : no-reply@server5.floathosting1.com
NOTE : Account Notification
Phishing analysis :
CLICK : Reload my account
OPEN : http://bksvm.in/includes/.international/Login-account/
REDIRECT : http://bksvm.in/includes/.international/Login-account/*/Up-dating.php?country.x=*&ACCT.x=*
SCREENSHOT :
CLICK : Einloggen
REDIRECT : http://bksvm.in/includes/.international/Login-account/*/Up-dating.php?log=*
SCREENSHOT :
NOTE : PayPal phishing at : http://bksvm.in/
Notification : janvier 02, 2018
Beloved , Costumer(s)
Your account acces will be denied because we've noticed significant changes in your activity. As your last payment method, we need to understand these update sbetter.
This account Iimitation will affect your ability to:
Send or receive money
Withdraw money
Also, you won't be able to:
Remove any accounts
Remove credit cards
Close your account
What to do next ?
Please log in to your account and provide the requested information through the Resolution Center. If we don't receive the information before this deadline or we notice additional significant changes in your account activity, your account access may be further Iimited.
Reload my account
Thank you for your understanding and cooperation. If you need further assistance, please check our support case ID
Copyright © 2017 PayPol, Inc. All rights reserved. PayPol is located at 2211 N. First St., San Jose, CA 95131.I'm a new Text block ready for your content.
Phishing screenshot :
Email analysis :
NOTE : no-reply@server5.floathosting1.com
NOTE : Account Notification
Phishing analysis :
CLICK : Reload my account
OPEN : http://bksvm.in/includes/.international/Login-account/
REDIRECT : http://bksvm.in/includes/.international/Login-account/*/Up-dating.php?country.x=*&ACCT.x=*
SCREENSHOT :
CLICK : Einloggen
REDIRECT : http://bksvm.in/includes/.international/Login-account/*/Up-dating.php?log=*
SCREENSHOT :
NOTE : PayPal phishing at : http://bksvm.in/
Friday, November 17, 2017
Account status has been changed (invoice 02574) (PayPal Phishing)
Dear PayPal Customer ,
We detected something unusual about a recent sign-in for the PayPal account . For example, you might be signing in from a new location, device, or app.
To help keep you safe, we've blocked access to your PayPal account , Billing Info, and calendar for that sign-in. Please review your recent activity and we'll help you take corrective action. To regain access, you'll need to confirm that the recent activity was yours.
Review recent activity
Thanks,
The PayPal account team
Copyright© 1996-2017 PayPal.com, Inc. All right reserved
Email analysis :
NOTE : support@vweb12.nitrado.net
NOTE : Received : by vweb12.nitrado.net
Phishing screenshot :
Phishing analysis :
CLICK : Review recent activity
OPEN : www.update-service.clanonzj.beget.tech/
REDIRECT : http://www.update-service.clanonzj.beget.tech/*/login.php?cmd=_account-details&session=*
SCREENSHOT :
NOTE : FILL FAKE INFO
REDIRECT : http://www.update-service.clanonzj.beget.tech/*/Billing.php?cmd=_account-details&session=*&dispatch=*
SCREENSHOT :
NOTE : PayPal Phishing
We detected something unusual about a recent sign-in for the PayPal account . For example, you might be signing in from a new location, device, or app.
To help keep you safe, we've blocked access to your PayPal account , Billing Info, and calendar for that sign-in. Please review your recent activity and we'll help you take corrective action. To regain access, you'll need to confirm that the recent activity was yours.
Review recent activity
Thanks,
The PayPal account team
Copyright© 1996-2017 PayPal.com, Inc. All right reserved
Email analysis :
NOTE : support@vweb12.nitrado.net
NOTE : Received : by vweb12.nitrado.net
Phishing screenshot :
Phishing analysis :
CLICK : Review recent activity
OPEN : www.update-service.clanonzj.beget.tech/
REDIRECT : http://www.update-service.clanonzj.beget.tech/*/login.php?cmd=_account-details&session=*
SCREENSHOT :
NOTE : FILL FAKE INFO
REDIRECT : http://www.update-service.clanonzj.beget.tech/*/Billing.php?cmd=_account-details&session=*&dispatch=*
SCREENSHOT :
NOTE : PayPal Phishing
Verify Your PayPal Account! (PayPal Phishing Attempt)
Dear PayPal user,
This is an automatic message by the system to let you know that you have to confirm your account information within 48 hours. Your account has been frozen temporarily in order to protect it.
To proceed to confirm your account information please click on the link below and follow the instructions that will be required.This will help protect you in the future. The process does not take more than 3 minutes.
Confirm your account
Click here to verify
Once you have updated your account records, your information will be confirmed and your account will start to work as normal once again.
Sincerely,
PayPal Account Review Department
(Case ID #PP-003-498-237-832)
Email analysis :
NOTE : sal.moncalieri@engim.it
NOTE : Received : from zimbra.engim.it (zimbra.engim.it [192.168.67.112])
NOTE : 192.168.67.112
Phishing screenshot :
Phishing analysis :
CLICK : Click here to verify
OPEN : http://rederswhitesincs.com/secure_pp
RESULT : PayPal Phishing attempt
This is an automatic message by the system to let you know that you have to confirm your account information within 48 hours. Your account has been frozen temporarily in order to protect it.
To proceed to confirm your account information please click on the link below and follow the instructions that will be required.This will help protect you in the future. The process does not take more than 3 minutes.
Confirm your account
Click here to verify
Once you have updated your account records, your information will be confirmed and your account will start to work as normal once again.
Sincerely,
PayPal Account Review Department
(Case ID #PP-003-498-237-832)
Email analysis :
NOTE : sal.moncalieri@engim.it
NOTE : Received : from zimbra.engim.it (zimbra.engim.it [192.168.67.112])
NOTE : 192.168.67.112
Phishing screenshot :
Phishing analysis :
CLICK : Click here to verify
OPEN : http://rederswhitesincs.com/secure_pp
RESULT : PayPal Phishing attempt
Sunday, September 3, 2017
Notification(1) (PayPal Phishing Attempt)
ΡayΡal
PayΡal Security Center !
Hello Customer,
We've Iimited access tο yοur accοunt, because yοur accοunt was recently lοgged intο frοm a new brοwser οr device.
Was that yοu ?
Whаt dο i need tο dο ?
In οrder tο аccess yοur accοunt again, yοu need tο verify yοur identity by fοllοwing sοme οf οur security steps.
Click here to update your paypaI account
Please dο nοt reply tο this email. Tο get in touch, gο tο the PayΡal website and click Help.
Cοpyright © 1999-2017 PayΡal Support. All rights reserved.
[Νotice]: If this email was sent to your junk or spаm box please mаke sure to tick it as not spаm due to our new security updаte ! аnd we аre sorry аbout thаt.
Email analysis :
NOTE : email@pay.com
NOTE : hargakac@wp.eazysmart.com
NOTE : client-ip=192.252.214.196;
Screenshot of the Phishing :
Phishing analysis :
CLICK : Click here to update your paypaI account
OPEN : https://www.jackpad.com.au/-/Found/
RESULT : PayPal Phishing Attempt
PayΡal Security Center !
Hello Customer,
We've Iimited access tο yοur accοunt, because yοur accοunt was recently lοgged intο frοm a new brοwser οr device.
Was that yοu ?
Whаt dο i need tο dο ?
In οrder tο аccess yοur accοunt again, yοu need tο verify yοur identity by fοllοwing sοme οf οur security steps.
Click here to update your paypaI account
Please dο nοt reply tο this email. Tο get in touch, gο tο the PayΡal website and click Help.
Cοpyright © 1999-2017 PayΡal Support. All rights reserved.
[Νotice]: If this email was sent to your junk or spаm box please mаke sure to tick it as not spаm due to our new security updаte ! аnd we аre sorry аbout thаt.
Email analysis :
NOTE : email@pay.com
NOTE : hargakac@wp.eazysmart.com
NOTE : client-ip=192.252.214.196;
Screenshot of the Phishing :
Phishing analysis :
CLICK : Click here to update your paypaI account
OPEN : https://www.jackpad.com.au/-/Found/
RESULT : PayPal Phishing Attempt
Thursday, August 24, 2017
Your PayPal account has been temporarily Locked! (PayPal Phishing)
paypal
Welcome
Dear *@*,
Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)
Activate
Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.
Yours sincerely,
PayPalYours sincerely,
PayPal
Email analysis :
NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])
Phishing analysis :
CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :
TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :
CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :
CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :
Welcome
Dear *@*,
Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)
Activate
Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.
Yours sincerely,
PayPalYours sincerely,
PayPal
Email analysis :
NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])
Phishing analysis :
CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :
TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :
CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :
CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :
Tuesday, July 11, 2017
Rappel : mettez à jour vos informations de carte sur PayPal
PayPal
Informations concernant votre compte:
Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:
Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.
Numéro de Référence: PP-259-187-991
C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.
une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.
Cliquer ici pour vérifier votre compte
Nous vous remercions de votre grande attention à cette question. S’il vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..
Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.
PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349
Email PayPal n° PP059
Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.
Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.
Pour plus d'informations sur la protection contre la fraude, s’il vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.
Phishing screenshot :
Email analysis :
NOTE : Paypal@contact.ca
NOTE : Received : from User ([105.73.26.254])
NOTE : by mail.xinyiglass.com with Microsoft SMTPSVC(6.0.3790.3959);
Phishing analysis :
CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://lelogisbranche.fr/js/mage/adminhtml/wysiwyg/tiny_mce/plugins/magentovariable/img/Notification-servier-compte-demande.php
REDIRECT : http://www.sagarparaptti.org.in/cgi-sys/suspendedpage.cgi
NOTE : Phishing was removed.
Informations concernant votre compte:
Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:
Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.
Numéro de Référence: PP-259-187-991
C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.
une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.
Cliquer ici pour vérifier votre compte
Nous vous remercions de votre grande attention à cette question. S’il vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..
Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.
PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349
Email PayPal n° PP059
Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.
Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.
Pour plus d'informations sur la protection contre la fraude, s’il vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.
Phishing screenshot :
Email analysis :
NOTE : Paypal@contact.ca
NOTE : Received : from User ([105.73.26.254])
NOTE : by mail.xinyiglass.com with Microsoft SMTPSVC(6.0.3790.3959);
Phishing analysis :
CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://lelogisbranche.fr/js/mage/adminhtml/wysiwyg/tiny_mce/plugins/magentovariable/img/Notification-servier-compte-demande.php
REDIRECT : http://www.sagarparaptti.org.in/cgi-sys/suspendedpage.cgi
NOTE : Phishing was removed.
Tuesday, May 23, 2017
Confirme your account ! (PayPal Phishing)
Important Notification : We Need To Validate Your ΡΑΥΡΑL Information
If you are seeing the messages this means that your account has been visited from an unusual place given below :
IP : 67.86.204.244
Country : United States
City : New York, Ossining
As a security measure, your account has been Iimited.
Case id : PP-801-707-047
Don't worry, you will be able to get your account back just after finishing this steps.
Continue
Email analysis :NOTE :
NOTE : Received : from d793.dinaserver.com (d793.dinaserver.com. [82.98.157.143])
NOTE : firstsunmallorca@d793.dinaserver.com
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : firstsunmallorca@d793.dinaserver.com designates 82.98.157.143 as permitted sender)
Phishing screenshot :
Phishing analysis :
CLICK : Continue
OPEN : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/signin/
NOTE : VALIDATE FORM
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/settings/?verify_account=session=NL&*&dispatch=*
SCREENSHOT :
If you are seeing the messages this means that your account has been visited from an unusual place given below :
IP : 67.86.204.244
Country : United States
City : New York, Ossining
As a security measure, your account has been Iimited.
Case id : PP-801-707-047
Don't worry, you will be able to get your account back just after finishing this steps.
Continue
Email analysis :NOTE :
NOTE : Received : from d793.dinaserver.com (d793.dinaserver.com. [82.98.157.143])
NOTE : firstsunmallorca@d793.dinaserver.com
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : firstsunmallorca@d793.dinaserver.com designates 82.98.157.143 as permitted sender)
Phishing screenshot :
Phishing analysis :
CLICK : Continue
OPEN : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/signin/
NOTE : VALIDATE FORM
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/settings/?verify_account=session=NL&*&dispatch=*
SCREENSHOT :
PayPal Phishing
PayPal
Informations concernant votre compte:
Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:
Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.
Numéro de Référence: PP-259-187-991
C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.
une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.
Cliquer ici pour vérifier votre compte
Nous vous remercions de votre grande attention à cette question. Sil vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..
Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.
PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349
Email PayPal n° PP059
Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.
Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.
Pour plus d'informations sur la protection contre la fraude, sil vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.
--
This email was Virus checked by Astaro Security Gateway. http://www.sophos.com
Email analysis :
NOTE : Paypal@contact.ca
NOTE : Received : from [200.107.238.35] (port=2757 helo=User) by mx1.shary.com.sa
NOTE : client-ip=94.77.230.169;
Phishing screenshot :
Phishing analysis :
CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://mir-pchelovoda.ru/components/com_acepolls/views/poll/tmpl/Notifications-service-demande-compte-ca.php
REDIRECT : http://www.sunshinetravel.az/js/tinymce/plugins/autoresize/ooo412312aaaa/Notifications-compte-Canada-quebec-verified-moi-information.ca/comfirmetions-service-information-compte-demande.ca/
SCREENSHOT :
CLICK : CONNEXION
RESULT : BAD PASSWORD...
REDIRECT : http://www.sunshinetravel.az/js/tinymce/plugins/autoresize/ooo412312aaaa/Notifications-compte-Canada-quebec-verified-moi-information.ca/comfirmetions-service-information-compte-demande.ca/error.php
The website sunshinetravel was used to store this PayPal phishing :
Friday, May 12, 2017
Update Your Account Information Now !! (PayPal Phishing Attempt)
PayPal
Warning : Account Issue !
Your account is limited untill you update your information because some one requested acces to your account, here is the infos :
Location : Russia
IP adress : 176.96.80.140
Navigator : Mozilla Firefox 48.0 on Windows
The restore the access to your account please click on the link below :
Update My Account
This is an email sent automatically. Please do not reply to this letter, because the e-mail address is only configured to send but not to receive e-mails.
Copyright © 2017 All rights reserved.
Phishing screenshot :
Email analysis :
NOTE : morag@g-p-t.co.uk
NOTE : Received : from RDT.spectra.local (unknown [80.229.37.167])
NOTE : by cust-smtp-auth2.fasthosts.net.uk (Postfix)
NOTE : client-ip=213.171.216.60;
Phishing analysis :
CLICK : Update my Account
OPEN : http://sadagatismayilova.com/update-your-account-information-now/myaccount/
SCREENSHOT :
NOTE : Phishing was removed.
Warning : Account Issue !
Your account is limited untill you update your information because some one requested acces to your account, here is the infos :
Location : Russia
IP adress : 176.96.80.140
Navigator : Mozilla Firefox 48.0 on Windows
The restore the access to your account please click on the link below :
Update My Account
This is an email sent automatically. Please do not reply to this letter, because the e-mail address is only configured to send but not to receive e-mails.
Copyright © 2017 All rights reserved.
Phishing screenshot :
Email analysis :
NOTE : morag@g-p-t.co.uk
NOTE : Received : from RDT.spectra.local (unknown [80.229.37.167])
NOTE : by cust-smtp-auth2.fasthosts.net.uk (Postfix)
NOTE : client-ip=213.171.216.60;
Phishing analysis :
CLICK : Update my Account
OPEN : http://sadagatismayilova.com/update-your-account-information-now/myaccount/
SCREENSHOT :
NOTE : Phishing was removed.
Friday, February 17, 2017
Important Message from PayPal ! (PayPal Phishing)
Your PayPaI Account logged form another device !
If you are seeing the messages this means that your account has been visited from an another place given below :
IP : 176.97.103.90
Country : Ukrania
Ville : Odessa
As a security measure, your account has been Iimited.
Case id : PP-801-707-057
Don't worry, you will be able to get your account back just after finishing this steps.
To continue follow this link : :Click Here✔
Notice :If you receive this email in the SPAM folder,click on "Not Spam" button to fix it
Email analysis :
NOTE : Received : from cptweb02 ([77.95.37.80])
NOTE : PayPal@service.com
Phishing analysis :
CLICK : Click Here✔
OPEN : https://jasper.nswebhost.com/~brainrec/paypal-support/
REDIRECT : https://jasper.nswebhost.com/~brainrec/paypal-support/paypal/login.php
SCREENSHOT :
If you are seeing the messages this means that your account has been visited from an another place given below :
IP : 176.97.103.90
Country : Ukrania
Ville : Odessa
As a security measure, your account has been Iimited.
Case id : PP-801-707-057
Don't worry, you will be able to get your account back just after finishing this steps.
To continue follow this link : :Click Here✔
Notice :If you receive this email in the SPAM folder,click on "Not Spam" button to fix it
Email analysis :
NOTE : Received : from cptweb02 ([77.95.37.80])
NOTE : PayPal@service.com
Phishing analysis :
CLICK : Click Here✔
OPEN : https://jasper.nswebhost.com/~brainrec/paypal-support/
REDIRECT : https://jasper.nswebhost.com/~brainrec/paypal-support/paypal/login.php
SCREENSHOT :
Tuesday, November 29, 2016
PayPal & Bank - haccking Transfer (+10.000 usd daily)
Western Union, Bank, Paypal transfer - Haacking and Caarding transfer. Maximum 9.999$ daily.
More details on our underground market:
http://***.cc/showthread.php?tid=1201
Email analysis :
NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < admin@black-hack.su >
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V15.4.3538.513
NOTE : X-Remote : 66.42.85.200 (keevan.fire2wire.com)
NOTE : Organization : DarkMarket
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Mailer : Microsoft Windows Live Mail 15.4.3538.513
NOTE : Received : from keevan.fire2wire.com (66.42.85.200)
NOTE : Received : from [155.133.82.113] (helo=155.133.82.113)
NOTE : by keevan.fire2wire.com with esmtpsa (TLSv1:AES256-SHA:256)
NOTE : (Exim 4.69) (envelope-from < admin@black-hack.su >)
NOTE : PayPal & Bank - haccking Transfer (+10.000 usd daily)
More details on our underground market:
http://***.cc/showthread.php?tid=1201
Email analysis :
NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < admin@black-hack.su >
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V15.4.3538.513
NOTE : X-Remote : 66.42.85.200 (keevan.fire2wire.com)
NOTE : Organization : DarkMarket
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Mailer : Microsoft Windows Live Mail 15.4.3538.513
NOTE : Received : from keevan.fire2wire.com (66.42.85.200)
NOTE : Received : from [155.133.82.113] (helo=155.133.82.113)
NOTE : by keevan.fire2wire.com with esmtpsa (TLSv1:AES256-SHA:256)
NOTE : (Exim 4.69) (envelope-from < admin@black-hack.su >)
NOTE : PayPal & Bank - haccking Transfer (+10.000 usd daily)
Tuesday, August 2, 2016
[Alert] Account Notification ( PayPal Phishing )
PayPal
Access a new device
A device or website that we do not know request access to your account :
Location : Ukraine
IP adress : 176.97.101.83
Navigator : Chrome (Windows)
If you were not please update your account information from the link below:
Update My Account
If you are not responsible for this operation, contact us support@paypal.com.
© PayPal 2016
Email screenshot :
Email analysis :
NOTE : servi@updat.admin.com
NOTE : Received : from sagitta by serwer.hosting-desire.pl with local (Exim 4.87)
NOTE : (envelope-from < sagitta@serwer.hosting-desire.pl >)
NOTE : X-Php-Originating-Script : 1168:rebels.php
NOTE : client-ip=176.112.79.50;
Phishing analysis :
CLICK : Update My Account
OPEN : http://antikytheramech.culture.gr/sites/default/files/Redirect.php
NOTE : Phishing was removed...
Access a new device
A device or website that we do not know request access to your account :
Location : Ukraine
IP adress : 176.97.101.83
Navigator : Chrome (Windows)
If you were not please update your account information from the link below:
Update My Account
If you are not responsible for this operation, contact us support@paypal.com.
© PayPal 2016
Email screenshot :
Email analysis :
NOTE : servi@updat.admin.com
NOTE : Received : from sagitta by serwer.hosting-desire.pl with local (Exim 4.87)
NOTE : (envelope-from < sagitta@serwer.hosting-desire.pl >)
NOTE : X-Php-Originating-Script : 1168:rebels.php
NOTE : client-ip=176.112.79.50;
Phishing analysis :
CLICK : Update My Account
OPEN : http://antikytheramech.culture.gr/sites/default/files/Redirect.php
NOTE : Phishing was removed...
Thursday, July 28, 2016
Security update regarding your account (PayPal Phishing)
This is an automated email, please do not reply
Dear User
(*@* ),
Our advanced security system detected that your account information has been compromised, We need to verify your account in order to continue using your Paypal services, Please understand that this is a security measure to protect you & your account. We apologize for any inconvenience.
Check your account
Thanks for choosing us,
PayPal Team
© 1999-2016 PayPal. All rights reserved.
Email ID: 865009
2016/07/28 00:15:00
Email analysis :
NOTE : support@estet.az
NOTE : Mime-Version : 1.0
NOTE : Authentication-Results : support@estet.az designates 94.20.30.223
NOTE : X-Priority : 1
NOTE : Content-Transfer-Encoding : 8bit
NOTE : X-Mailer : PHPMailer 5.2.8Wahib Priv8 Mailer
NOTE : X-Php-Script : estet.az/aa.php for 117.244.23.108
NOTE : X-Get-Message-Sender-Via : ns001.datacenter.az: authenticated_id: estet/from_h
NOTE : X-Authenticated-Sender : ns001.datacenter.az: support@estet.az
NOTE : Received-Spf : client-ip=94.20.30.223;
NOTE : Security update regarding your account
Phishing analysis :
CLICK : Check your account
OPEN : http://cirt.mx//images/Secure//
REDIRECT : http://cirt.mx/images/Secure//MGen/*/?dispatch=*
SCREENSHOT :
CLICK : Log In
SCREENSHOT :
Tuesday, June 28, 2016
During your last purchase (Phishing Paypal)
Header Image
Privacy Policy for PayPal Services Copyright ©2016
PayPal fraud prevention set standards by presenting the best security solution in the industry that make your business more secure.If you do not renew your paypal account will be limited or closed permanently
Update Your Account Info. Please click below.
Thank you for choosing PayPal
border
Copyright ©2016 All rights reserved.
Email analysis :NOTE :
NOTE : Return-Path : < *@sendgrid.net >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : X-Mailer : ColdFusion 9 Application Server
NOTE : client-ip=50.31.42.127;
NOTE : Received : from o1.email.britishsoapawards.tv ([50.31.42.127])
NOTE : Received : by filter0036p1las1.sendgrid.net
NOTE : Received : from vaya-backend09-optusrts (unknown [103.1.216.177])
NOTE : by ismtpd0018p1sin1.sendgrid.net (SG)
NOTE : During your last purchase
Phishing analysis :
CLICK : THE BUTTON
OPEN : https://bit.ly/1RFlDg4
REDIRECT : http://64.71.78.238/CFIDE/web.html
REDIRECT : http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php
SCREENSHOT :
CLICK : Log In
REDIRECT http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php?error_login_id=*#
NOTE : THE LOGIN ASK FOR A VALID PASSWORD...
NOTE : SHORT THE URI TO http://horseridingholidaysgb.co.uk/php/update_info/
SCREENSHOT :
NOTE : FUNNY...
NOTE : CHANGE IP
SCREENSHOT :
NOTE : LAUGHT...
Privacy Policy for PayPal Services Copyright ©2016
PayPal fraud prevention set standards by presenting the best security solution in the industry that make your business more secure.If you do not renew your paypal account will be limited or closed permanently
Update Your Account Info. Please click below.
Thank you for choosing PayPal
border
Copyright ©2016 All rights reserved.
Email analysis :NOTE :
NOTE : Return-Path : < *@sendgrid.net >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : X-Mailer : ColdFusion 9 Application Server
NOTE : client-ip=50.31.42.127;
NOTE : Received : from o1.email.britishsoapawards.tv ([50.31.42.127])
NOTE : Received : by filter0036p1las1.sendgrid.net
NOTE : Received : from vaya-backend09-optusrts (unknown [103.1.216.177])
NOTE : by ismtpd0018p1sin1.sendgrid.net (SG)
NOTE : During your last purchase
Phishing analysis :
CLICK : THE BUTTON
OPEN : https://bit.ly/1RFlDg4
REDIRECT : http://64.71.78.238/CFIDE/web.html
REDIRECT : http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php
SCREENSHOT :
CLICK : Log In
REDIRECT http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php?error_login_id=*#
NOTE : THE LOGIN ASK FOR A VALID PASSWORD...
NOTE : SHORT THE URI TO http://horseridingholidaysgb.co.uk/php/update_info/
SCREENSHOT :
NOTE : FUNNY...
NOTE : CHANGE IP
SCREENSHOT :
NOTE : LAUGHT...
Monday, April 25, 2016
PayPal : User Agreement Changed (PayPal Phishing)
logo
Welcome
Some information on your account appears to be missing or incorrect. Please update your information promptly so that you can continue to enjoy all the benefits of your PayPal account. If you don't update your information within 2 days, we'll limit what you can do with your PayPal account.
Resolve the Security Issue.
If you need help logging in, go to our Help Center by clicking the Help link located in the upper right-hand corner of any PayPal page. .
Paypal
orth San Jose. 2211 N 1st St (btwn Charcot & Karina)
Paypal Co.
Phishing analysis :
CLICK : Resolve the Security Issue.
OPEN : http://www.tripidipi.cz/css
REDIRECT : http://www.tripidipi.cz/css/*/login.php?run=_login&session=*&access=*
SCREENSHOT :
VALIDATE : FORM
SCREENSHOT :
REDIRECT : AGAIN
SCREENSHOT :
VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :
VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :
REDIRECT : AGAIN
SCREENSHOT :
REDIRECT : https://secure.opinionlab.com/ccc01/comment_card.asp?time1=1402969318872&time2=1402969372567&prev=&referer=https:%2F%2FUS%2Epaypal%2Ecom%2Fen%5FUS%2F00%2FLog%5FIn%2Epage&height=768&width=1366&custom_var=kx3fhVVgW8gMa0n7M3NIPcBg7XZ2KBu2BcI5nN2fD2%252fd%252ffvYhBp7rQ%253d%253d_146aca2e3e4|Unknown|Log%20In|US|en_US|Unknown|Unknown|Unknown|Unknown
SCREENSHOT :
Email analysis :
NOTE : ersbys1@viagogo.com
NOTE : john2001barton@hotmail.com does not designate 94.126.40.172
NOTE : X-Canit-Geo : ip=94.126.40.140;
NOTE : country=GB;
NOTE : region=England;
NOTE : city=Stevenage;
NOTE : latitude=51.9022; longitude=-0.2026;
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : Received : from smarthost.hostingweb.co.uk (webpool1.lcn.com [94.126.40.140])
NOTE : by outscan2.ai270.net
NOTE : X-Php-Originating-Script : 317960:sm.php
Welcome
Some information on your account appears to be missing or incorrect. Please update your information promptly so that you can continue to enjoy all the benefits of your PayPal account. If you don't update your information within 2 days, we'll limit what you can do with your PayPal account.
Resolve the Security Issue.
If you need help logging in, go to our Help Center by clicking the Help link located in the upper right-hand corner of any PayPal page. .
Paypal
orth San Jose. 2211 N 1st St (btwn Charcot & Karina)
Paypal Co.
Phishing analysis :
CLICK : Resolve the Security Issue.
OPEN : http://www.tripidipi.cz/css
REDIRECT : http://www.tripidipi.cz/css/*/login.php?run=_login&session=*&access=*
SCREENSHOT :
VALIDATE : FORM
SCREENSHOT :
REDIRECT : AGAIN
SCREENSHOT :
VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :
VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :
REDIRECT : AGAIN
SCREENSHOT :
REDIRECT : https://secure.opinionlab.com/ccc01/comment_card.asp?time1=1402969318872&time2=1402969372567&prev=&referer=https:%2F%2FUS%2Epaypal%2Ecom%2Fen%5FUS%2F00%2FLog%5FIn%2Epage&height=768&width=1366&custom_var=kx3fhVVgW8gMa0n7M3NIPcBg7XZ2KBu2BcI5nN2fD2%252fd%252ffvYhBp7rQ%253d%253d_146aca2e3e4|Unknown|Log%20In|US|en_US|Unknown|Unknown|Unknown|Unknown
SCREENSHOT :
Email analysis :
NOTE : ersbys1@viagogo.com
NOTE : john2001barton@hotmail.com does not designate 94.126.40.172
NOTE : X-Canit-Geo : ip=94.126.40.140;
NOTE : country=GB;
NOTE : region=England;
NOTE : city=Stevenage;
NOTE : latitude=51.9022; longitude=-0.2026;
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : Received : from smarthost.hostingweb.co.uk (webpool1.lcn.com [94.126.40.140])
NOTE : by outscan2.ai270.net
NOTE : X-Php-Originating-Script : 317960:sm.php
Subscribe to:
Posts (Atom)