The Scamdex Scam Email Archive - Generic o

Subject:  (Chase Phishing)http://www.dhcp.com.br/_uti_inf.html
From:  "Antihotmail.com Internet Incident Reponse Team (IIRT)" <iirt@antihotmail.com>
Date:  Fri, 28 Apr 2006 09:25:32 -0700

A Scam Email with the Subject "(Chase Phishing)http://www.dhcp.com.br/_uti_inf.html" was received in one of Scamdex's honeypot email accounts on Fri, 28 Apr 2006 09:25:32 -0700 and has been classified as a Generic Scam. The sender was "Antihotmail.com Internet Incident Reponse Team (IIRT)" <iirt@antihotmail.com>, although it may have been spoofed.

This phishing site is being used for both Chase/JP Morgan and Branch Banking and
Trust

canonical name dhcpweb.takenet.com.br.
aliases www.dhcp.com.br
addresses 200.195.35.175
nserver:     ns.takenet.com.br
nserver:     ns2.takenet.com.br

Return-Path: <account@chase.com>
Delivered-To: spamcop-net-antihotmail@spamcop.net
Received: (qmail 20607 invoked from network); 28 Apr 2006 14:56:04 -0000
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on blade5
X-Spam-Level: ***************
X-Spam-Status: hits=15.0 tests=FORGED_MSGID_YAHOO,HTML_IMAGE_ONLY_28,
        HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_BOUND_DD_DIGITS,
        MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,MPART_ALT_DIFF,MSGID_SPAM_LETTERS,
        RCVD_NUMERIC_HELO,UNPARSEABLE_RELAY,URIBL_BLACK version=3.1.1
Received: from unknown (HELO c60.cesmail.net) (192.168.1.105)
  by blade5.cesmail.net with SMTP; 28 Apr 2006 14:56:04 -0000
Received: from mailgate.cesmail.net ([216.154.195.36])
  by c60.cesmail.net with SMTP; 28 Apr 2006 10:55:47 -0400
X-IronPort-AV: i="4.04,164,1144036800";
   d="scan'208"; a="346897607:sNHT51503054"
Received: (qmail 4295 invoked from network); 28 Apr 2006 14:55:46 -0000
Received: from unknown (HELO mailgate.cesmail.net) (192.168.1.101)
  by mailgate.cesmail.net with SMTP; 28 Apr 2006 14:55:46 -0000
X-RocketMail: 00000001;R---------------;5535
X-RocketUID: 0000101768
X-RocketMIF: 1145969646;3669;
X-RocketYMUMID: APXJjkQAAJwyRE4b7gSSE0CpLjY
X-Apparently-To: sgtpepper_1967@yahoo.com via 68.142.201.245; Tue, 25 Apr 2006
05:54:06 -0700
X-RocketRCL: 2726;1;1596475561;2768
X-Rocket-Spam: 83.150.204.44
X-YahooFilteredBulk: 83.150.204.44
X-Rocket-Track: cat=BK;
info=ip:BK<ip=83.150.204.44,policy=g-w0,n0,g100>;sv:UK<ip=68.142.202.232>
X-Originating-IP: [83.150.204.44]
Authentication-Results: mta237.mail.mud.yahoo.com
  from=chase.com; domainkeys=neutral (no sig)
Received: from popgate.cesmail.net [192.168.1.201]
        by mailgate.cesmail.net with POP3 (fetchmail-6.2.1)
        for antihotmail@spamcop.net (single-drop); Fri, 28 Apr 2006 10:55:46 -0400
(EDT)
Received: from 83.150.204.44 (83.150.204.44)
  by mta237.mail.mud.yahoo.com with SMTP; Tue, 25 Apr 2006 05:54:05 -0700
Received: from 23.44.208.119 by ; Tue, 25 Apr 2006 06:46:35 -0700
Message-ID: <monstrosity@yahoo.com>
Date: Tue, 25 Apr 2006 16:52:35 +0300
From: "JPMorgan Chase & Co." <account@chase.com>
To: raj_nadella1@yahoo.com, cc14607@yahoo.com, nowhere_land@yahoo.com,
sgtpepper_1967@yahoo.com
Subject: Online Banking Disabled
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="--714696223379555106"
X-Mailer: MIME-tools 5.503 (Entity 5.501)
X-OriginalArrivalTime: Tue, 25 Apr 2006 09:49:35 -0400
Content-Length: 1162
X-SpamCop-Checked:
X-SpamCop-Disposition: Blocked SpamAssassin=15

----714696223379555106
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable

&nbsp;&nbsp;&nbsp;<img src=3Dhttp://www.chase.com/ccpmweb/shared/image/cha=
seNewlogo.gif><div><br>&nbsp;&nbsp;<font face=3Dverdana color=3D"darkblue"=
 size=3D2><b> Dear JPMorgan Chase & Co. Customer,</b></font></div><br><br>=
<font face=3D"arial" size=3D2><DIV>&nbsp;&nbsp;&nbsp;Due to suspicious act=
ivities on your JPMorgan Chase & Co. online account registered on raj_nade=
lla1@yahoo.com we have<BR>&nbsp;&nbsp; temporarily <A href=3D"http://www.g=
oogle.com/url?q=3Dhttp://www.dhcp.com.br/_uti_inf.html";>DISABLED</A> acces=
s to your Online Banking session.</div><br><br></font><font face=3D"arial"=
 size=3D2><DIV>&nbsp;&nbsp;&nbsp;In order to reinstate your account and re=
sume Online Banking please&nbsp;<A href=3D"http://www.google.com/url?q=3Dh=
ttp://www.dhcp.com.br/_uti_inf.html">CONFIRM</A> your online <br>&nbsp;&nb=
sp;&nbsp;account, or you can call customer service Monday through Friday 8=
 a.m. EST to 1 a.m. EST and <br>&nbsp;&nbsp;&nbsp;Saturday 8 a.m. EST to 5=
 p.m. EST at 1-800-621-0361.</div><br><br><DIV>&nbsp;&nbsp;&nbsp;_________=
_____________________________________________________________</div><br><di=
v><font face=3Dverdana size=3D1>&nbsp;&nbsp;&nbsp;ABOUT THIS MESSAGE:<div>=
<font face=3Dverdana size=3D1>&nbsp;&nbsp;&nbsp;This message was delivered=
 to you as a JPMorgan Chase & Co. credit card customer to provide you acco=
unt<br>&nbsp;&nbsp;&nbsp;updates and information about your card benefits.=
 JPMorgan Chase & Co. values your privacy and your<br>&nbsp;&nbsp;&nbsp;pr=
eferences.</div><br><div><font face=3Dverdana size=3D1>&nbsp;&nbsp;&nbsp;Y=
our personal information is protected by state-of-the-art technology. For =
more detailed <br>&nbsp;&nbsp;&nbsp;security information, view our <A href=
=3D"http://www.chase.com/privacy";>Online Privacy Policy</A>. To request in=
 writing: JPMorgan Chase & Co. Privacy <br>&nbsp;&nbsp;&nbsp;Operations, 4=
51 Florida Street, Fourth Floor, LA2-9376, Baton Rouge, LA 70801</div><br>=
<div><font face=3Dverdana size=3D1>&nbsp;&nbsp;&nbsp;If you want to contac=
t JPMorgan Chase & Co., please do not reply to this message, but instead g=
o to <br>&nbsp;&nbsp;&nbsp;<A href=3D"http://www.chase.com";>http://www.cha=
se.com/</A>. For faster service, please enroll or log in to your account. =
Replies to<br>&nbsp;&nbsp;&nbsp;this message will not be read or responded=
 to.</div><br><div><font face=3Dverdana size=3D1>&nbsp;&nbsp;&nbsp;This em=
ail was sent to: raj_nadella1@yahoo.com</div><br><div><font face=3Dverdana=
 size=3D1>&nbsp;&nbsp;&nbsp;Copyright =A9 2006, JPMorgan Chase & Co. All R=
ights Reserved.</div>

----714696223379555106--



--


--
Questions can be sent to: iirt@antihotmail.com
Domain  Dossier: http://www.centralops.net/
Antihotmail.com Whois: http://whois.antihotmail.com

[Zero Tolerance towards Unsolicited Email]
This email is sent in compliance with our strict anti-abuse
regulations.You have received this email because we are a active
Spam fighting organization.If you do not wish to receive any mail
from our service you may permanently block your email address by
sending a email to: stop.complaints@antihotmail.com .

All UCE/BCE is subject to a US$500.00 fee per item. If you send UCE
(SPAM) to Antihotmail.com , you are agreeing to this charge for
processing your "email" and also agree to pay any and all costs
incurred in collecting this fee.


Since you’re here …
we have a small favour to ask. More people are visting Scamdex and Scamalot than ever but advertising revenues are falling fast and we have no 'product' to sell. And unlike many informational websites, we haven’t put up a paywall or membership barrier – we want to keep our site as open as we can. So you can see why we need to ask for your help. Scamdex/Scamalot websites takes a lot of time, money and hard work to keep running. We do this because we hate to see our fellow humans getting scammed out of their hard-earned money by low-lives.
Consider switching off your AdBlocker (if you use one) or contributing directly by one of the links below. Thank you for reading!