An
Email with the Subject "NatWest Credit Card Online Services Review" was
received in one of Scamdex's honeypot email accounts on Tue, 10 Dec 2013 00:00:49 -0800
and has been classified as a Employment/Job Scam Email.
The sender shows as "NatWest" <acrobat@idol.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => scamdex@scamdex.com
[delivery-date:] => Tue, 10 Dec 2013 00:00:50 -0800
[received:] => Array
(
[0] => from mailrelay011.isp.belgacom.be ([195.238.6.178]:46496)by lester.newsblaze.com with esmtp (Exim 4.80.1)(envelope-from )id 1VqIFM-0003OC-Uwfor scamdex@scamdex.com; Tue, 10 Dec 2013 00:00:49 -0800
[1] => from 228.229-183-91.adsl-static.isp.belgacom.be (HELO [192.168.101.110]) ([91.183.229.228]) by relay.skynet.be with ESMTP; 10 Dec 2013 09:00:39 +0100
)
[message-id:] =>
[x-ironport-anti-spam-filtered:] => true
[x-ironport-anti-spam-result:] => AtBZAMbJplJbt+Xk/2dsb2JhbAANOROBcQIBgUtHAQGlNwKBIgEBiXGKBoMQISBmAYEfh30dCJ4lA4NdjXuCLG1EN5p0EQGDUIE6A4kKhi+VU4VlgmCBcA
[content-type:] => multipart/alternative; boundary="===============0415464722=="
[mime-version:] => 1.0
[subject:] => NatWest Credit Card Online Services Review
[to:] => Recipients
[from:] => "NatWest"
[date:] => Tue, 10 Dec 2013 09:00:36 +0100
[x-spam-status:] => No, score=0.0
[x-spam-score:] => 0
[x-spam-bar:] => /
[x-ham-report:] => Spam detection software, running on the system "lester.newsblaze.com", hasidentified this incoming email as possible spam. The original messagehas been attached to this so you can view it (if it isn't spam) or labelsimilar future email. If you have any questions, seeroot\@localhost for details.Content preview: Dear Valued Customer, This is a short email to let you know that your NatWest Credit Card Online Services security details was recently changed on Tuesday, December 10, 2013 at 08:05:48 AM. Please confirm that this request was made by you. [...] Content analysis details: (0.0 points, 4.0 required) pts rule name description---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: deracketspecialist.nl] 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay
[x-spam-flag:] => NO
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
This is a short email to let you know that your NatWest Credit Card Online
Services security details was recently changed on Tuesday, December 10, 2013 at
08:05:48 AM. Please confirm that this request was made by you.
This is a short email to let you know that your NatWest Credit Card Online
Services security details was recently changed on Tuesday, December 10, 2013 at
08:05:48 AM. Please confirm that this request was made by you.
