[Owasp-Malaysia] [MySEC] Phishing Email : Fwd: CIMB BANK - NOTICE TO ALL CUSTOMERS !

BRIAN RITCHIE esqbrianritchie at gmail.com
Tue Jun 1 03:30:08 EDT 2010


The URL seems right tho

On Tue, Jun 1, 2010 at 3:27 PM, Harisfazillah Jamel
<linuxmalaysia at gmail.com> wrote:
> Another phishing email.
>
> Delivered-To: linuxmalaysia at gmail.com
> Received: by 10.231.173.9 with SMTP id n9cs189296ibz;
>        Mon, 31 May 2010 15:06:07 -0700 (PDT)
> Received: by 10.220.122.224 with SMTP id m32mr3798663vcr.211.1275343559606;
>        Mon, 31 May 2010 15:05:59 -0700 (PDT)
> Return-Path: <arabbank at arabinet2.com>
> Received: from omr16.networksolutionsemail.com
> (omr16.networksolutionsemail.com [205.178.146.66])
>        by mx.google.com with ESMTP id e13si13443294vcp.58.2010.05.31.15.05.56;
>        Mon, 31 May 2010 15:05:59 -0700 (PDT)
> Received-SPF: neutral (google.com: 205.178.146.66 is neither permitted
> nor denied by best guess record for domain of arabbank at arabinet2.com)
> client-ip=205.178.146.66;
> Authentication-Results: mx.google.com; spf=neutral (google.com:
> 205.178.146.66 is neither permitted nor denied by best guess record
> for domain of arabbank at arabinet2.com) smtp.mail=arabbank at arabinet2.com
> Received: from cm-omr1 (mail.networksolutionsemail.com [205.178.146.50])
>        by omr16.networksolutionsemail.com (8.13.6/8.13.6) with ESMTP id
> o4VM5tk3000547;
>        Mon, 31 May 2010 18:05:55 -0400
> Received: from [205.178.146.50] ([205.178.146.50:49325]
> helo=oxapp1.mgt.hosting.dc2.netsol.com)
>        by cm-omr1 (envelope-from <arabbank at arabinet2.com>)
>        (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP
>        id 4D/FF-26836-2C2340C4; Mon, 31 May 2010 18:05:55 -0400
> Date: Mon, 31 May 2010 18:05:54 -0400 (EDT)
> From: Clicks Alert <arabbank at arabinet2.com>
> Message-ID: <1553252.1675.1275343554974.JavaMail.vpopmail at oxapp1.mgt.hosting.dc2.netsol.com>
> Subject: CIMB BANK - NOTICE TO ALL CUSTOMERS !
> MIME-Version: 1.0
> Content-Type: multipart/alternative;
>        boundary="----=_Part_1674_30162546.1275343554965"
> X-Priority: 3
> X-Mailer: Open-Xchange Mailer v6.8.1-6811
>
> ------=_Part_1674_30162546.1275343554965
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 7bit
>
>
>
> ---------- Forwarded message ----------
> From: Clicks Alert <arabbank at arabinet2.com>
> Date: Tue, Jun 1, 2010 at 6:05 AM
> Subject: CIMB BANK - NOTICE TO ALL CUSTOMERS !
> To:
>
>
> - - CIMB CLICKS ALERT - -
>
> Dear CIMB Customer,
>
> Your CIMB Account has been revoked for security reasons after we
> discovered some security problems in your account. You are hereby
> required to immediately restore your account as revoked accounts will
> be terminated till further notice. We are sorry for any inconvenience
> caused as your privacy is our topmost priority.
>
> https://www.cimbclicks.com.my/ibk/
>
> Sincerely,
>
> CIMB BANK (GROUP)
>
> --
> You received this message because you are subscribed to the Google Groups "MySecurity" group.
> To post to this group, send email to mysecurity at googlegroups.com.
> To unsubscribe from this group, send email to mysecurity+unsubscribe at googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/mysecurity?hl=en.
>
>


More information about the Owasp-Malaysia mailing list