An
Email with the Subject "Fw: Unauthorized access of your account [ID: SA-603.9731]" was
received in one of Scamdex's honeypot email accounts on Mon, 02 Feb 2009 09:21:00 -0800
and has been classified as a Generic Scam Email.
The sender shows as "Lori Remmen" <agspecialties@yahoo.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
Scam TagCloud
NO CHART DATA - EMAIL HAS NOT YET BEEN ANALYSED
Scam Email Headers
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => scams@scamdex.com
[delivery-date:] => Mon, 02 Feb 2009 09:21:00 -0800
[received:] => Array
(
[0] => from n23b.bullet.mail.mud.yahoo.com ([68.142.206.142])by fire.newsblaze.com with smtp (Exim 4.69)(envelope-from )id 1LU2Tk-0004Jc-Iifor scams@scamdex.com; Mon, 02 Feb 2009 09:21:00 -0800
[1] => from [68.142.194.244] by n23.bullet.mail.mud.yahoo.com with NNFMP; 02 Feb 2009 17:21:01 -0000
[2] => from [68.142.201.245] by t2.bullet.mud.yahoo.com with NNFMP; 02 Feb 2009 17:21:01 -0000
[3] => from [127.0.0.1] by omp406.mail.mud.yahoo.com with NNFMP; 02 Feb 2009 17:21:01 -0000
[4] => (qmail 85694 invoked from network); 2 Feb 2009 17:21:00 -0000
[5] => from unknown (HELO LORI) (agspecialties@208.187.191.118 with login) by smtp101.plus.mail.sp1.yahoo.com with SMTP; 2 Feb 2009 17:21:00 -0000
)
[x-yahoo-newman-property:] => ymail-3
[x-yahoo-newman-id:] => 249863.28686.bm@omp406.mail.mud.yahoo.com
[domainkey-signature:] => a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:X-YMail-OSG:Message-ID:From:To:Subject:Date:MIME-Version:Content-Type:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE; b=nokVqYb5Iiq6v7nSW1Bpt0KR5Y6jhV/MetqZNuamlr+s0DSbKeqlXvKvzXGH4sTBZyxVtyjRUFaeEzt1FGHxNePMPXR3VAkzfb3r5Na6XT7YceKfY6smfanYGHGXQ0yaZidChCNe6QOl/M+0AFw6aud4IQDu+YZ0Ggqh2hNW9I8= ;
[x-ymail-osg:] => _uF2kTEVM1nR44m_lvrHoAlQIqrdVveTYsaIVNLo8ki3IFeX.0j0R33nwYEmegfWO18BPELlPmFxX4KlHTMsEqDqR9_AYq94mkG9HAx0Ba8finLC2y93M_s7y4DbHdHuQAL0QTHes9zoqwlwToF6q4PvX7ar2Br5GUPuEI5310swVBBAGQW02cdCBXxui.Dg38dkZMcoVKvM_faGJOQvIsc5dopHbwi7Nu4GvaKV26TsEIBo7jV1NrVBYLGrcc.PEIlB7bi0_9SGQFUC.J.NgN4pFeb4xNdlUIFlqYXlHUOY.w1Uj.gWKSW6WFuRCiWDOPfxWd144VvNI9twZEcB3s86tsj2yqGtMzqxwu8uAnV5qdVJFpQ881D.PT6BXqjkHn62p895C7z8w4HUF_vhytYQtVVoC8DPLQa9DHYByTlMu0aQsEvABLeC_Y9JkPZ0sCl1_kNy3D7yN9S0v3tRjGWNFSI9hGP_C82C0vRMiqdagca2jX-Yahoo-Newman-Property: ymail-3
[date:] => Array
(
[0] => :
[1] => Mon, 2 Feb 2009 09:20:56 -0800
)
[from:] => "Lori Remmen"
[to:] => ,
[subject:] => Fw: Unauthorized access of your account [ID: SA-603.9731]
[mime-version:] => 1.0
[content-type:] => multipart/mixed;boundary="----=_NextPart_000_0170_01C98517.8D79EDD0"
[x-priority:] => 3
[x-msmail-priority:] => Normal
[x-mailer:] => Microsoft Outlook Express 6.00.2900.5512
[x-mimeole:] => Produced By Microsoft MimeOLE V6.00.2900.5579
[x-spam-status:] => No, score=4.7
[x-spam-score:] => 47
[x-spam-bar:] => ++++
[x-spam-flag:] => NO
[message-id:] => REIDs3x1233595260.H962491P16616.-S3X
[x-scamdex-scores:] => S:45 P:49 A:49 L:40 E:46 G:40
[x-scamdex-classtype:] => A
[x-scamdex-classscore:] => 49
[x-scamdex-totscore:] => 269
[x-scamdex-kw:] => IP address,access,account,assistance,bank,check,customer,inc.,login,password,report,sent,share
[x-scamdex-em:] => agspecialties@208,bm@omp406.mail.mud.yaho
[x-scamdex-dir:] => B
[x-scamdex-id:] => B1233595260.H962491P16616
[x-scamdex-copyright:] => This Email is Copyright Scamdex.com 2009, Reproduction Prohibited
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
Sent: Monday, February 02, 2009 7:59 AM
Subject: Unauthorized access of your account [ID: SA-603.9731]
--------------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.com
06:37:00
----- Original Message -----
From: "GE Money" <sa-6039731@gemoney.com>
Sent: Monday, February 02, 2009 7:59 AM
Subject: Unauthorized access of your account [ID: SA-603.9731]
Dear GE Money customer,
We recently reviewed your account, and suspect that your GE Money Online
Banking
account may have been accessed from an unauthorized computer. This may be
due to
changes in your IP address or location. Protecting the security of your
account and
of the GE Money network is our primary concern.
We are asking you to immediately login and report any unnoticed password
changes,
unauthorized withdrawals or deposits, and check you account profile to
make sure no
changes have been made.
To protect your account please :
* DO NOT SHARE YOUR PASSWORD WITH OTHER USERS
* LOG OFF AFTER USING YOUR ONLINE ACCOUNT
To reset your GE Money online-banking account please download the attached
document.
We apologize for any inconvenience this may cause, and appreciate your
assistance in
helping us maintaining the integrity of the entire Capital One Bank
system.
Please login as soon as possible.
Thank you,
GE Money Security Advisor. [ID: SA-603.9731]
--------------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.0.233 / Virus Database: 270.10.16/1930 - Release Date: 01/28/09
06:37:00
<<< text/html; name="GE Money - reset account.htm": Unrecognized >>>