TerrificInTahoma
8 June 2007, 16:33
New PHISH on the E-mail Distro Lists....
See the Headers here
To: x
Subject: Reactivate Your Online Banking
From: HSBC <alert.customer@hsbc.co.uk>
Message-Id: <1___@hsbc.co.uk>
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - isuzu.websitewelcome.com
X-AntiAbuse: Original Domain - yahoo.[TLD]
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - isuzu.websitewelcome.com
Message in Body of E-mail:
Dear HSBC Member,
We have reason to suspect that your HSBC account may be in use by an unauthorized party.
Your account has recently been accessed from a foreign country, while we understand that you may be on vacation or traveling abroad, HSBC Security has a obligation to protect our user's security. Within 24 hours of this message, your account will be placed on hold to ensure your personal account safety. Verification of your specific account details will enable you to once again have full access to your HSBC account.
To ensure that your service is not interrupted, please submit your billing information today:
[fake Link Here goes to
http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm%22]
http://hsbc.co.uk/users/renewobligation?start=ok
Or contact HSBC Member Services Team. We're available 24 hours a day, 7 days a week.
Regards,
HSBC Team.
Report from SPAMCOP.NET
http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm"
host 70.84.137.34 (getting name) = isuzu.websitewelcome.com.
Tracking link: http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm"
Note the double-quote at the end of the .htm tag.
So BEWARE!
--
See the Headers here
To: x
Subject: Reactivate Your Online Banking
From: HSBC <alert.customer@hsbc.co.uk>
Message-Id: <1___@hsbc.co.uk>
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - isuzu.websitewelcome.com
X-AntiAbuse: Original Domain - yahoo.[TLD]
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - isuzu.websitewelcome.com
Message in Body of E-mail:
Dear HSBC Member,
We have reason to suspect that your HSBC account may be in use by an unauthorized party.
Your account has recently been accessed from a foreign country, while we understand that you may be on vacation or traveling abroad, HSBC Security has a obligation to protect our user's security. Within 24 hours of this message, your account will be placed on hold to ensure your personal account safety. Verification of your specific account details will enable you to once again have full access to your HSBC account.
To ensure that your service is not interrupted, please submit your billing information today:
[fake Link Here goes to
http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm%22]
http://hsbc.co.uk/users/renewobligation?start=ok
Or contact HSBC Member Services Team. We're available 24 hours a day, 7 days a week.
Regards,
HSBC Team.
Report from SPAMCOP.NET
http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm"
host 70.84.137.34 (getting name) = isuzu.websitewelcome.com.
Tracking link: http://70.84.137.34/~yahooco/htaccess/hsbc.co.uk/update_information/IB-hsbc/index.htm"
Note the double-quote at the end of the .htm tag.
So BEWARE!
--