[nsp-sec] ATTN AOL, phishing drop box

Salusky, William william.salusky at teamaol.com
Thu Dec 9 10:26:07 EST 2010 

Ack.  Sorry I missed this one.

Account terminated.

----
W
 

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net 
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of 
> Anthony Edwards
> Sent: Tuesday, December 07, 2010 4:38 PM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] ATTN AOL, phishing drop box
> 
> ----------- nsp-security Confidential --------
> 
> Hi
> 
> Account username and phishing drop box 
> webmaintenance at cyberservices.com:
> 
> abuse at abuse:~$ host -t mx cyberservices.com cyberservices.com 
> mail is handled by 15 mailin-04.mx.aol.com.
> cyberservices.com mail is handled by 15 mailin-01.mx.aol.com.
> cyberservices.com mail is handled by 15 mailin-02.mx.aol.com.
> cyberservices.com mail is handled by 15 mailin-03.mx.aol.com.
> 
> : Return-path: <online2090729 at telkomsa.net>
> : Envelope-to: st-edmundcampion at ukonline.co.uk
> : Delivery-date: Tue, 30 Nov 2010 09:43:14 +0000
> : Received: from [196.25.211.69] (helo=sargas.telkomsa.net)
> : 	by store9.mail.uk.easynet.net with esmtp (Exim 4.69)
> : 	(envelope-from <online2090729 at telkomsa.net>)
> : 	id 1PNMjt-0007pW-U3; Tue, 30 Nov 2010 09:43:10 +0000
> : Received: from mail3.telkomsa.net (zimbra3-vm1.lb2.telkomsa.net
> : [192.168.16.224])
> : 	by sargas.telkomsa.net (Postfix) with ESMTP id 856FD2A04E8;
> : 	Tue, 30 Nov 2010 11:41:49 +0200 (SAST)
> : Date: Tue, 30 Nov 2010 11:43:02 +0200 (SAST)
> : From: Webmail Maintenance Team <online2090729 at telkomsa.net>
> : Reply-To: Webmail Maintenance Team 
> <webmaintenance at cyberservices.com>
> : Message-ID:
> : 
> <2006473758.2309931291110182676.JavaMail.root at zimbra3-vm1.telk
omsa.net>
> : Subject: Attn: Dear UK Online Webmail User
> : MIME-Version: 1.0
> : Content-Type: text/plain; charset=utf-8
> : Content-Transfer-Encoding: 7bit
> : X-Originating-IP: [192.168.16.53]
> : X-Mailer: Zimbra 5.0.11_GA_2695.RHEL5_64 
> (zclient/5.0.11_GA_2695.RHEL5_64)
> : To: undisclosed-recipients:;
> : Delivered-To: st-edmundcampion at ukonline.co.uk
> : 
> ==============================================================
> ==============
> : Attn: Dear UK Online Webmail User
> : 
> : This is to notify you that due to recent spam complaints of 
> webmail users in
> : our webmail data base, our investigation shows that your webmail is
> : compromised and frequently send out spam messages .
> : 
> : As a result, our network engineer needs to conduct a 
> maintenance in your
> : webmail account to enhance the reliability of our service . 
> On this note the
> : management request you to provide confirmation details of 
> your webmail
> : account to our maintenance counter, to enable us commence 
> maintenance
> : immediately.
> : 
> : Failure to provide your webmail account confirmation 
> details below within
> : 48hrs, will lead to disabling of your UK Online Webmail Account.
> : ===========================
> : Required Account Confirmation Details :
> : ===========================
> : Account Registered Name:
> : Webmail Account:
> : Webmail Account Password:
> : Retype And Confirm Password:
> : ===========================
> : Important Note:You are to forward these information to our 
> maintenance team
> : counter via email for security 
> reason.(webmaintenance at cyberservices.com)
> : Thank you in advance for your cooperation and assistance in 
> this important
> : survey.
> : 
> : Signed,
> : Webmail Maintenance Team.
> : ---------------------------------------------------------
> : Copyright 1986-2010 Webmail Maintenance Team.
> : 
> ==============================================================
> ==============
> 
> --
> Anthony Edwards
> anthony.edwards at sns.bskyb.com
> Abuse Team Manager  -  Sky Network Services
> DDI: 0161 888 3507
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the 
> nsp-security
> community. Confidentiality is essential for effective 
> Internet security counter-measures.
> _______________________________________________
>

More information about the nsp-security mailing list