[Hactivist_discussion] *****SPAM***** Online banking form!

Citizens Bank clientcare.refV3281596255703.gps at citizensbank.com
Mon Nov 26 13:23:59 UTC 2007 

Spam detection software, running on the system "darkside.dod.net", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email.  If you have any questions, see
admin at dod.net for details.

Content preview:  Dear business/corporate customer of Citizens Bank, 
  Caution: we continue to be informed that customers and non-customers 
  are receiving fraudulent phishing emails requesting confidential 
  information and credentials. As a reminder, the bank will NOT send 
  customers unsecured email or other correspondence requesting that they 
  confirm or provide Customer ID's User ID's, card numbers, social 
  security number or PINs and passwords. As always, if you receive any 
  unsolicited e-mails, phone calls, faxes or other suspicious attempts 
  to gain personal or confidential information, please e-mail us at 
  fraudprevention at cfgcustomers.com or call Cash Management Client 
  Services at 1-877-550-5933, Monday to Friday, 7 a.m. to 6 p.m. ET. For 
  Additional information please see the events page [...] 

Content analysis details:   (7.1 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.5 HTML_20_30             BODY: Message is 20% to 30% HTML
 0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
 0.1 HTML_FONTCOLOR_UNSAFE  BODY: HTML font color not in safe 6x6x6 palette
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.4 HTML_TAG_BALANCE_HTML  BODY: HTML has unbalanced "html" tags
 2.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                [Blocked - see <http://www.spamcop.net/bl.shtml?151.47.1.122>]
 2.5 RCVD_IN_DYNABLOCK      RBL: Sent directly from dynamic IP address
                            [151.47.1.122 listed in dnsbl.sorbs.net]
 0.1 RCVD_IN_SORBS          RBL: SORBS: sender is listed in SORBS
                            [151.47.1.122 listed in dnsbl.sorbs.net]
 1.1 MIME_HTML_ONLY_MULTI   Multipart message only has text/html MIME parts

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

-------------- next part --------------
An embedded message was scrubbed...
From: "Citizens Bank" <clientcare.refV3281596255703.gps at citizensbank.com>
Subject: Online banking form!
Date: Mon, 26 Nov 2007 13:23:59 +0000 (UTC)
Size: 5061
Url: http://darkside.dod.net/pipermail/hactivist_discussion/attachments/20071126/69001f12/attachment.mht

More information about the Hactivist_discussion mailing list