[nsp-sec] ATTN MSN Hotmail, phishing drop box

Wed Aug 4 09:13:57 EDT 2010

And another, this time 419 Advance Fee Fraud related:

mrbernanke_frb48 at w.cn

: Reply-To: mrbernanke_frb48 at w.cn
: From: "Mr.Ben S. Bernanke" <kaymadati at aol.com>
: Subject: NOTIFICATION OF CREDIT FROM BANK FEDERAL RESERVE BOARD.
: Date: Wed, 4 Aug 2010 05:28:36 -0700
: 
: BANK FEDERAL RESERVE BOARD
: 33 LIBERTY STREET, NEW YORK, NY 10045
: 
: NOTIFICATION OF CREDIT FROM BANK FEDERAL RESERVE BOARD.
: 
: Attn: Beneficiary,
: 
: We have this 4th day of August. 2010 received a payment credit
: instruction from the Federal Government of Nigeria to credit your
: account with your full Inheritance fund of US$10.3Million from the
: Nigerian reserve account with our bank, Bank of America
: 
: However, you shall required to provide the followings datas below:
: 
: {1}. Your Full Name and Address.:
: {2}. Your Confidential Tel, Cell and Fax.
: {3). Your Bank name and address.:
: {4). Your A/c Name and A/c Numbers.:
: (5). Your Swift Code / Routing Numbers.:
: (6). Your Current Occupation And Your Working ID.
: 
: Please do provide the above information accurately, because this office
: cannot afford to be held liable for any wrong transfer of funds or
: liability of funds credited into a ghost account.
: 
: Thanks for banking with Bank of America while we looking forward to
: serving you with the best of our service.
: 
: Thanks and God bless you.
: 
: Regards,
: 
: Yours in Service,
: Mr.Ben S. Bernanke
: Chairman Federal Reserve Bank

Anthony Edwards

On Wed, Aug 04, 2010 at 12:36:32PM +0100, Anthony Edwards wrote:
> ----------- nsp-security Confidential --------
> 
> Hi
> 
> Account username and password phishing drop box (upgradecct at w.cn)
> at the w.cn domain:
> 
> abuse at abuse:~$ host -t mx w.cn
> w.cn mail is handled by 10 499278938.pamx1.hotmail.com.
> 
> 
> : Return-path: info at login.com
> : Delivery-date: Wed, 04 Aug 2010 12:27:42 +0100
> : Date: Wed, 04 Aug 2010 08:27:23 -0300
> : From: Webmail Upgrade Team <info at login.com>
> : Reply-to: upgradecct at w.cn
> : To: undisclosed-recipients: ;
> : Subject: Upgrade Your Email Account
> : 
> : ATTENTION:
> : 
> : WEBMAIL SUBSCRIBER:
> : 
> : This mail is to inform all our {WEBMAIL} users that we will be upgrading our
> : site in a couple of days from now. So you as a Subscriber of our site you are
> : required to send us your Email account details so as to enable us know if you
> : are still making use of your mail box. Further informed that we will be
> : deleting all mail account that is not functioning so as to
> : create more space for new user. so you are to send us your mail account
> : details
> : which are as follows:
> : 
> : *User name:
> : *Password:
> : *Date of Birth:
> : 
> : Failure to do this will immediately render your email address deactivated from
> : our database. Your response should be send to the following e-mail address.
> : Your AdminManager:upgradecct at w.cn
> : 
> : Yours In Service.
> : Webmail Upgrade Team
> : Copyright © 2010.
> 
> 
> Anthony Edwards
> 
> -- 
> Anthony Edwards
> anthony.edwards at sns.bskyb.com
> Abuse Team Manager  -  Sky Network Services
> DDI: 0161 888 3507
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
> 

-- 
Anthony Edwards
anthony.edwards at sns.bskyb.com
Abuse Team Manager  -  Sky Network Services
DDI: 0161 888 3507