Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: lawman
example headers of phish email:
Received: from 184.108.40.206 by mail.richardanthony.com; Wed, 14 Oct 2009 10:49:46 -0400
From: "firstname.lastname@example.org" <email@example.com>
Subject: The settings for the firstname.lastname@example.org were changed
Date: Wed, 14 Oct 2009 10:49:46 -0400
X-Priority: 3 (Normal)
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-IMAPbase: 1171399645 4237822960
The body of the email looks similar to:
Dear user of the webmasterworld.com mailing service!
We are informing you that because of the security upgrade of the mailing service your mailbox (email@example.com) settings were changed. In order to apply the new set of settings click on the following link:
<snip bogus redirect>
Best regards, webmasterworldcom Technical Support.
the hyper link actually goes to a redirect at:
Some of the redirect domains for ours include:
The phishing emails the last few days have been getting much much better. I've had a number of employees forwarding emails to me checking to make sure I want them to install software. Time to do some more education about phishing.
On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.
Thank you in advance for your attention to this matter and sorry for possible inconveniences.
I falsified the url