e-Carte Bleue (Phishing)

Madame, Monsieur,

Suite au signalement de nombreux cas de fraude liée au service e-Carte Bleue , nous vous demandons de bien vouloir modifier votre mot de passe de connexion

Modifier mon mot de passe en cliquant sur ma banque ci-dessous :

Banque Populaire

Caisse d'Epargne

La Banque Postale

LCL

Société Générale

Attention : Votre vigilance est primordiale pour assurer la sécurité de vos comptes

Ne communiquez jamais votre identifiant ni votre mot de passe

Phishing analysis :

CLICK : Banque Populaire
OPEN : http://drislkafiazr.com/ebleu/ebleue/bpop/
REDIRECT : http://ebluesecard.fr/ebleue/bpop/b4b2869be8a7476e654a3093c1941a1a/
SCREENSHOT :

CLICK : Caisse d'Epargne
OPEN : http://drislkafiazr.com/ebleu/ebleue/cp
REDIRECT : http://ebluesecard.fr/ebleue/cp/fa32da7b396e37ac9f64a1ba437cbdff/
SCREENSHOT :

CLICK : La Banque Postale
OPEN : http://drislkafiazr.com/ebleu/ebleue/bpole
REDIRECT : http://ebluesecard.fr/ebleue/bpole/cb0f9f1a022521fed03764c3bad629e6/
SCREENSHOT :

CLICK : LCL
OPEN : http://drislkafiazr.com/ebleu/ebleue/lcl
REDIRECT : http://ebluesecard.fr/ebleue/lcl/efe8e21516a885b85363916a1da514e0/
SCREENSHOT :

CLICK : Société Générale
OPEN : http://drislkafiazr.com/ebleu/ebleue/sg
REDIRECT : http://ebluesecard.fr/ebleue//sg/abb19f62e719c12ed97cf6a9b03d4103/
SCREENSHOT :

Email analysis :
====================================================
NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : X-Msmail-Priority : Normal
NOTE : X-Mailer : Microsoft Outlook Express 6.00.2800.1409
NOTE : X-Proxad-Sc : state=HAM score=0
NOTE : X-Priority : 3
NOTE : Return-Path : < postmaster@elipsapakrara.com >
NOTE : Return-Path : postmaster@elipsapakrara.com
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.10.2800.1409.1909861846.rg.sm31
NOTE : Received : from smtpcmd02110.aruba.it ([62.149.158.110])
NOTE : Received : from www.elipsapakrara.com ([62.149.145.83])
NOTE : by smtpcmd02.ad.aruba.it
NOTE : Message-Id : < *@www.elipsapakrara.com >
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Pensez a modifer votre mot de passe
====================================================

elipsapakrara.com whois :
====================================================
Registrar Abuse Contact Phone: +14165350123
Reseller: Aruba S.p.A. - Servizio Aruba.it
Reseller: assistenza@staff.aruba.it
Reseller: +39.05750505
Reseller: http://www.aruba.it
Registrant Name: Contact Privacy Inc. Customer 0138954380
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K 3M1
Registrant Country: CA
Registrant Phone: +14165385457
Registrant Email: elipsapakrara.com@contactprivacy.com
====================================================

drislkafiazr.com whois :
====================================================
Domain Name: drislkafiazr.com
Registry Domain ID: 1888848670_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.bookmyname.com
Registrar URL: http://www.bookmyname.com
Registrar: ONLINE SAS Registrar IANA ID: 74
Registrar Abuse Contact Email: abuse_2014+drislkafiazr.com_64.20.227.133@bookmyname.com
Registrar Abuse Contact Phone: +33184130000
Reseller: EX2 Hosting
Registrant Name: francois leclerc
Registrant Street: 50 avenue de la republique
Registrant City: lerouget
Registrant Postal Code: 15290
Registrant Country: FR Registrant Phone: +33661298782
Registrant Email: stenstrom.kjell@orange.fr
====================================================
Admin ID: Admin Name: Jimmy B?LANGER
Admin Organization: EX2 Hosting
Admin Street: 700 cartier
Admin City: SEPT-?LES Admin State/Province:
Admin Postal Code: G4R2V3
Admin Country: CA Admin Phone: +14188158088
Admin Phone Ext: Admin Fax: Admin Fax Ext:
Admin Email: 15ac6414.730936@contacts.nospam.bookmyname.com
====================================================

ebluesecard.fr whois :
====================================================
Serveurs de noms (DNS)
Serveur n° 1: ns01.one.com
Serveur n° 2: ns02.one.com
====================================================
Titulaire : Leclerc Francois
22, rue mazagran
75017 Paris
France
Téléphone :+336648101202
Courrier électronique :stenstrom.kjell@orange.fr
====================================================
Contact administratif : Leclerc Francois
22, rue mazagran
75017 Paris
France
Téléphone :+336648101202
====================================================
Courrier électronique :stenstrom.kjell@orange.fr
====================================================
Contact technique : hostmaster
One.com A/S
kalvebod Brygge 45
1560 COPENHAGEN V
DK
Courrier électronique :hostmaster@b-one.net
====================================================

Mac Update Promo... Impossible to unsubscribe...

Mac Update Promo... Impossible to unsubscribe...

Mail from Macupdate :

Notice of the unsubscribe link and click :

Message on the unsubscribe page :

Conclusion :

- The unsubscribe link is buggy.
- https://deals.macupdate.com/newsletter/manage-subscriptions/m/%recipient.member_email_hash%
- The mailing list can't extract the hash from the member...
- Finally, the unsubscribe page is buggy.

Urgent Inquiry Arrival Notification From EC21!! ( EC21 Phishing )

Date: 2014.12.06

Dear User,

Congratulations! You have received a new inquiry sent to you from posted on EC21.com. To see the content and reply to this inquiry, please click on the Check Inquiry button below.

Please do not reply to this email as it is unmonitored.

Dynamic Marketplace for Global B2B � EC21
Copyright (c) EC21 Inc. All Rights Reserved./ipod design (c)

Phishing analysis :

CLICK : BUTTON
OPEN : http://pausesociale.com/EC21.com/index.html
SCREENSHOT :

REDIRECT : http://supplier.ec21.com/

Email analysis :

NOTE : X-Source-Args : /usr/local/apache/bin/httpd -k start -DSSL
NOTE : Return-Path :
NOTE : Mime-Version : 1.0
NOTE : smtp.mail=nobody@s2.filipnet.ro
NOTE : X-Source-Dir : ceramica-neagra-marginea.ro:/public_html/wp-content/uploads
NOTE : Sender : Nobody < nobody@s2.filipnet.ro >
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Message-Id : < *@s2.filipnet.ro >
NOTE : X-Get-Message-Sender-Via : s2.filipnet.ro: uid via acl_c_vhost_owner
NOTE : from authenticated_id: nobody from /only user confirmed/virtual account not confirmed
NOTE : Content-Type : text/html
NOTE : client-ip=89.38.132.141;
NOTE : Received : from s2.filipnet.ro (s2.filipnet.ro. [89.38.132.141])
NOTE : Received : from nobody by s2.filipnet.ro with local (Exim 4.82)
NOTE : (envelope-from )
NOTE : Urgent Inquiry Arrival Notification From EC21!!

Uma Franquia de Alto Lucro que Você possa Transformar sua Vida !

Olá,

A Wor(l)d hoje é uma empresa mundial no ramo de tecnologia e energia renovável, valor de mercado na Bolsa de Valores superando atualmente 2 Bilhões de Dólares com sede em 6 países! Lançou-se no Brasil e se tornou a empresa com o plano binário híbrido mais agressivo já visto em nosso país! Acesse minha página e saiba mais:

Carlos Eduardo De Barros Ortiz

Telefone: (67) 9964-2662 / (67) 8132-4166
E-mail: carlos.rw4@gmail.com
Whatsapp: (67) 9964-2662
Skype: ***

World Global Mobile

Comment ameliorer votre quotidien?

Commencez cette activité pendant votre temps libre et faites du fric chaque jour. Si vous cherchez une manière facile de gagner des milliers d'euros par mois, pendant vos temps libres ou que vous cherchez une activité pour vivre uniquement de vos gains sur internet, vous êtes au bon endroit! Avec ces explications, vous pouvez comme déjà des centaines de personnes gagner plus de 4000Euros sur une courte période.

Pour plus d'information, regardez ici

Je reste à votre disposition si vous avez des questions.

Irénéa

Scam analysis :

CLICK : ICI
OPEN : http://look-onthis.com/link.php?M=55865709&N=89172&K=501bed76e96969e2e28f00282516c799&L=89517&W=27621&F=H
SCREENSHOT :

YOUR PENDING CONTRACT/INHERITANCE PAYMENT FILE$

NIGERIAN NATIONAL PETROLEUM CORPORATION
NNPC Towers, Central Business District,
Herbert Macaulay Way,
P.M.B. 190, Garki, Abuja.

YOUR PENDING CONTRACT/INHERITANCE PAYMENT FILE

I was appointed as new management team for the Nigerian National Petroleum Corporation, The Group Managing Director of the Nigerian National Petroleum Corporation (NNPC) by President Goodluck Jonathan on 27th Jun 2012. I am the Group Managing Director of the Nigerian National Petroleum Corporation (NNPC), Engineer Andrew Yakubu, I have pledged my readiness to clear up all international beneficiaries payment that has not been paid by previous administration and that of my management team to work closely with the In-House Unions to promote a convivial working relationship among members and staffs in the Corporation to foster greater productivity.

I have received various reports from the Economic & Financial Crimes Commission (EFCC) that different Nigerians are using NNPC and the Central Bank of Nigeria official's name to swindle your hard earn money from you claiming to help you. I have personally reviewed all the contract files and decided to contact you directly. Please, kindly send me your payment file details to enable me confirm that i am communicating with the rightful beneficiary.

1. YOUR CONTRACT FILE NUMBER
2. YOUR FULL NAME AND CONTACT ADDRESS
3. YOUR DIRECT CONTACT TELEPHONE
4. YOUR COMPLETE CONTRACT AMOUNT

I have addressed the members and staffs of NNPC and solicited their support in this journey to transform the NNPC and to assure you that some of the concerns that the unions have raised are already being
addressed by top management. The ultimate objective is for us to succeed in this national assignment and it is a collective journey that we must all undertake I therefore request that your urgent reply to my office will be highly appreciated.

REGARDS

Engineer Gary Bolar,
Email Address:garybolar484@gmail.com
Group Managing Director
Nigerian National Petroleum Corporation (NNPC)