Monday, September 15, 2014

Paksoytekink-Trade phishing

image.jpeg

Hello Dear

This is China Hongqiao Group Ltd. We want to buy directly below product, click on the link below and take our order.

http://inflablespamejenny.cl/ul/WebMail.htm

What do you have in stock? How much is price? How long does it take if order is done? We want to receive a quote.

Please let me know. I'll wait for your reply.

Sincerely,
China Hongqiao Group Ltd

Thanks.

Phishing analysis :
================================
NOTE : This is China Hongqiao Group Ltd. We want to buy directly below product, click on the link below and login your email address and password to be able to view our order.
NOTE : Click http://inflablespamejenny.cl/ul/WebMail.htm
NOTE : Paksoytekink-Trade phishing
NOTE : The website inflablespamejenny.cl seems compromised and relay a phishing page...
================================

Email analysis :
================================
NOTE : Received : from mtaout-aan01.mx.aol.com (mtaout-aan01.mx.aol.com [172.27.19.77])
NOTE : Received : from USER-PC (unknown [198.199.88.97])


NOTE : Return-Path : < senshisakura@aol.com >
NOTE : ORDER INQUIRY
================================

No comments:

Post a Comment