Sunday, March 13, 2016

New Notification Message From Santander (Santander Phishing)

Security Notice

Your passcode has been entered incorrectly multiple times. Please ensure that you are entering your passcode correctly. If you are a Business Banking customer, remember to use our dedicated Business Banking log on page accessible from the Santander homepage. For your security we have restriced your access to our online banking system in order to safeuard your account. We require you to complete our account verification process in order to restore access. This process should only take you a few minutes to complete and will also ensure we hold the most up to date records for you.

Click here to get started ⇒

Please Note:Failure to comply with our account verification process may lead to permenant suspension of access to our online banking service.
Online Banking Guarantee Site Help & Accessibility Security & Privacy Terms & Conditions Legal

Phishing analysis :

CLICK : Click here to get started ⇒
OPEN : http://design360degree.in/tools/santander
REDIRECT : http://design360degree.in/tools/santander/Login.php?sslchannel=true&form=AccountVerification&sessionid=***

SCREENSHOT :


CLICK : Log on >
REDIRECT : http://design360degree.in/tools/santander/LoginP2.php?&sessionid=***&securessl=true

SCREENSHOT :


CLICK : Submit

REDIRECT : http://design360degree.in/tools/santander/Verify.php?&sessionid=*&securessl=true

SCREENSHOT :


SCREENSHOT :


CLICK : Continue

REDIRECT : http://design360degree.in/tools/santander/Finish.php?&sessionid=*&securessl=true

SCREENSHOT :


REDIRECT : http://www.santander.co.uk/uk/index

Email analysis :

NOTE : jd@firstmancorp.com
NOTE : Return-Path : < jd@firstmancorp.com >
NOTE : Mime-Version : 1.0
NOTE : domain of jd@firstmancorp.com designates 108.179.196.215 as permitted sender)
NOTE : smtp.mailfrom=jd@firstmancorp.com; dkim=pass header.i=@firstmancorp.com
NOTE : X-Authenticated-Sender : smaug.hostromeo.com: jd@firstmancorp.com
NOTE : X-Get-Message-Sender-Via : smaug.hostromeo.com:
NOTE : authenticated_id: jd@firstmancorp.com
NOTE : client-ip=108.179.196.215;


NOTE : Received : from [154.118.65.251] (port=52340 helo=[192.168.8.101])


NOTE : by smaug.hostromeo.com with esmtpa (Exim 4.86_1)
NOTE : New Notification Message From Santander

Investment

I represent a high net-worth investor who is seeking investment opportunities away from his native Russia. Can you help achieve this? kindly respond back for further details to this email: yuval_r83@mail.ru
Regards

Yuval Rose

Email analysis :

NOTE : yuvaloss83@gmail.com
NOTE : allendockter@bis.midco.net
NOTE : midconet.redcondor.net@24.220.0.72/32
NOTE : Received : from mail.midco.net ([24.220.0.72])
NOTE : X-Mailer : AfterLogic webmail client
NOTE : client-ip=24.220.11.68;

PayPal Limited Your Account (PayPal phishing)

Dear Customer:

Our 24-7 monitoring security system indicates that someone could be trying to use your account without your knowledge of approval.

PayPal may limit your account as a security measure to protect you and your account. It is part of our safeguard plan.
To lift a limitation, you usually need to provide information to PayPal. We'll ask you to fill in a form that could verify your account as part of our Resolution Center plan.

PayPal Case ID: PP-310-910-479-534
By downloading and filling in the form that we have provided in the 'attachment', you may proceed to verifying your account to remove these limitations.

Our sophisticated technology, well-engineered processes and top notch fraud intelligence remain vigilant 24-7 to safeguard your account and money at no additional cost.
Please do understand that this is a security measure intended to protect your account.

Thank you,

PayPal Security Team
2016 PayPal Inc. Our team of dedicated security professionals works vigilantly to help keep customer information secure.

Email analysis :

NOTE : members7@accounts.net
NOTE : Mime-Version : 1.0
NOTE : Remote : 64.34.208.23 ()
NOTE : Received : from unknown (HELO mail.freshfooddelivered.net) (64.34.208.23)


NOTE : Received : from 64.34.208.23 ([123.1.181.134])
NOTE : by freshfooddelivered.net
NOTE : PayPal Limited Your Account

PayPal phishing analysis :

- The phishing was an html page.
- The page is available for download : http://megabitload.com/download/index/55253876/
- The page is also available as a raw file : http://pastebin.com/raw/v4rPN5mF

Join World's number 1 online program and get $100 sign up bonus. Start earning from your computer, tablet and smart phone.

Grab upto $100 sign up bonus for coming new year when you join the world's #1 affiliate program. 18 years old American International e-commerce company join free today and earn online income. Free online training. In the last 30 days, 2998 people from 190 countries started earning an income with SFI. Let us help you get started on your dream today!Since 1998, more than 15 million people worldwide have become member.

online for last 18 years.

  • Millions of dollars paid out to our affiliates
  • 80,000+ commissionable products & services
  • In over 190 countries worldwide
  • World-class 24/7 support & training

Sign up today below link with your email id or copy the link below to your browser and create your user id

http://www.***.com/15166528/free
http://www.***.com/15166528
http://www.***.com/15166528/ECA

Warm Regards,

http://www.***.com/15166528/free
http://www.***.com/15166528
http://www.***.com/15166528/ECA

Email analysis :

NOTE : globaljobs2050@gmail.com
NOTE : Mime-Version : 1.0

Email leaking :


Download 280 email adresses

Mr.Peter Wong

Pozdravy a komplimenty.

Jsem Mr.Peter Wong pracuji s Bank of China Mám návrh podnikat v melodii US $ 22.500.000 milionu, které mají být prevedeny na zahranicním úctu s vaší pomoc, pokud chtejí.

V prípade zájmu Vám pošlu veškeré údaje o transakcích na obdržení odpovedi. Mužete me kontaktovat na muj soukromý e-mail (peterwong27@qq.com) a poslat mi následující informace pro úcely dokumentace

1) Úplné názvy
2) Aktuální Rezidencní Adresa
3) Soukromé telefonní císlo,

S prátelským pozdravem,
Mr.Peter Wong

Email analysis :

NOTE : peterwong27@qq.com
NOTE : test@bobstaalman.nl
NOTE : 46.17.4.95 (aero.mirdane.com)

CERTIFIED MAIL

A special dònàtion was màde to you. contact (juliefinancefoundation@outlook.com< mailto:juliefinancefoundation@outlook.com >) for details....

Best Regards

Julie Leach.

Please Note: Due to Florida's very broad public records law, most written communications to or from College employees regarding College business are public records, available to the public and media upon request. Therefore, this email communication may be subject to public disclosure. This message is the property of Hillsborough Community College or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you.

Email analysis :

NOTE : rromero@hccfl.edu
NOTE : juliefinancefoundation@outlook.com
NOTE : X-Originating-Ip : [69.31.51.34]
NOTE : hcccasarray.family.hccfl.edu
NOTE : client-ip=192.35.61.31;


Notes from Scam.cz :


- The hhccfle.edu servers were used to relay this scam.
- account was rromero (Romero Rosa ?)