[nsp-sec] ATTN google, gmail phish dropbox

Peter Moody pmoody at google.com
Sun Apr 24 13:49:41 EDT 2011 

ack.

On Sun, Apr 24, 2011 at 8:37 AM, RuthAnne Bevier <ruthanne at caltech.edu>wrote:

> ----------- nsp-security Confidential --------
>
> Sample with full headers below -- drop box is "school.eduedu at gmail.com".
>
>
>> X-Original-To: man at caltech.edu
>> X-Spam-Scanned: at Caltech-IMSS on earth-doxen by amavisd-new
>> X-Spam-Flag: NO
>> X-Spam-Score: 0.795
>> X-Spam-Level:
>> X-Spam-Status: No, score=0.795 tagged_above=-10000 required=5
>>        tests=[SNF4SA=-1.009, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
>>        SUBJ_ALL_CAPS=1.806] autolearn=disabled
>> X-Authentication-Warning: localhost.localdomain: apache set sender to
>> ptjkd at mahidol.ac.th using -f
>> Date: Sun, 24 Apr 2011 00:26:30 +0700 (ICT)
>> Subject: EMAIL ACCOUNT UPGRADE
>> From: "Webmail HelpDesk" <ptjkd at mahidol.ac.th>
>> Reply-To: school.eduedu at gmail.com
>> User-Agent: SquirrelMail/1.4.8
>> X-esp: ESP<6>=
>>        SHA:<6>
>>        SHA_FLAGS:<400>
>>        ISC:<0>
>>        BAYES:<0>
>>        SenderID:<0>
>>        DKIM:<0>
>>        TS:<0>
>>        SIG:<>
>>        TRU_spam1: <0>
>>        TRU_scam_spam: <0>
>>        TRU_money_spam: <0>
>>        TRU_profanity_spam: <0>
>>        TRU_ru_spamsubj: <0>
>>        TRU_medical_spam: <0>
>>        TRU_urllinks: <0>
>>        TRU_html_image_spam: <0>
>>        URL Real-Time Signatures: <0>
>>        TRU_freehosting: <0>
>>        TRU_watch_spam: <0>
>>        TRU_embedded_image_spam: <0>
>>        TRU_lotto_spam: <0>
>>        TRU_legal_spam: <0>
>>        TRU_adult_spam: <0>
>>        TRU_stock_spam: <0>
>>        TRU_spam2: <0>
>>        TRU_playsites: <0>
>>        TRU_misc_spam: <0>
>>        TRU_marketing_spam: <0>
>>        TRU_phish_spam: <0>
>> To: undisclosed-recipients:;
>>
>> EMAIL ACCOUNT UPGRADE
>>
>> Your E-mail box has reached its maximum limit of 20 GB of storage and
>> Your account will be disabled if you do not update
>> now.
>>
>> Educational, To upgrade your account, please fill the form below and
>> follow the
>> instructions to upgrade to more
>> storage space.
>>
>> UserName...
>>
>> Login id....
>>
>> Password....
>>
>> Confirm password...
>>
>> Your account will remain active after you have confirmed your account
>> successfully.
>>
>> educational , Auburn, Alabama 36849
>>
>> © Copyright 2011 Regulation
>>
>
>
>
>
> --
> RuthAnne Bevier
> Director, Information Security
> California Institute of Technology
> ruthanne at caltech.edu
> 626-395-2671
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>



-- 
Peter Moody      Google    1.650.253.7306
Network Security Engineer  pgp:0xC3410038

More information about the nsp-security mailing list