[nsp-sec] Attn Google, Gmail phish dropbox

Peter Moody pmoody at google.com
Fri Jun 4 16:21:33 EDT 2010 

ack.

On Fri, Jun 4, 2010 at 1:15 PM, RuthAnne Bevier <ruthanne at caltech.edu> wrote:
> ----------- nsp-security Confidential --------
>
> Hi -- looks like teamupgrade11 at gmail.com is another dropbox.  Full
> headers from a sample are below.
>
>     --RuthAnne
>
>
>
> Received: from hermes.ugcs.caltech.edu ([127.0.0.1])
>        by localhost (hermes.ugcs.caltech.edu [127.0.0.1])
> (amavisd-new, port 10024)
>        with LMTP id QVvepZe73RPq; Fri,  4 Jun 2010 04:28:42 -0700
> (PDT)
> Received: from mail.icar.org.in (mail.icar.org.in [202.141.140.19])
>        by hermes.ugcs.caltech.edu (Postfix) with ESMTPS id
> 2FC5E1C17874;
>        Fri,  4 Jun 2010 04:28:41 -0700 (PDT)
> Received: from mail.icar.org.in (localhost [127.0.0.1] (may be
> forged))
>        by mail.icar.org.in (8.13.8/8.13.8) with ESMTP id
> o54BrW0M005773;
>        Fri, 4 Jun 2010 17:23:32 +0530
> Received: (from apache at localhost)
>        by mail.icar.org.in (8.13.8/8.13.8/Submit) id
> o54BrOJi005772;
>        Fri, 4 Jun 2010 17:23:24 +0530
> X-Authentication-Warning: mail.icar.org.in: apache set sender to
> support at caltech.edu using -f
> Received: from 192.251.226.205
>        (SquirrelMail authenticated user kuldeep)
>        by mail.icar.org.in with HTTP;
>        Fri, 4 Jun 2010 17:23:24 +0530 (IST)
> Message-ID:
> <16378.192.251.226.205.1275652404.squirrel at mail.icar.org.in>
> Date: Fri, 4 Jun 2010 17:23:24 +0530 (IST)
> Subject: WARNING!!!
> From: "CALIFORNIA INSTITUTE OF TECHNOLOGY WEBMAIL SERVICE"
> <support at caltech.edu>
> Reply-To: teamupgrade11 at gmail.com
> User-Agent: SquirrelMail/1.4.8-5.el5_4.10
> MIME-Version: 1.0
> Content-Type: text/plain;charset=iso-8859-1
> Content-Transfer-Encoding: 8bit
> X-Priority: 3 (Normal)
> Importance: Normal
> To: undisclosed-recipients:;
>
>
> --
> RuthAnne Bevier
> Information Security
> California Institute of Technology
> 626-395-2671
> ruthanne at caltech.edu
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>



-- 
Peter Moody      Google    1.650.253.7306
Network Security Engineer  pgp:0xC3410038

More information about the nsp-security mailing list