Received this today... it included a word doc ("Ncua FORM.doc" which
I have NOT opened yet) and a request to fax it. Quite odd.
Appears to have been formmailled out of The Planet in Dallas, via an
IP in Romania.
--chuck
Return-Path: <[EMAIL PROTECTED]>
Received: from [64.18.0.51] (HELO psmtp.com)
by smtp.forest.net (CommuniGate Pro SMTP 5.0.9)
with SMTP id 48742105 for [EMAIL PROTECTED]; Thu, 12 Apr 2007 08:40:19 -0700
Received: from source ([70.84.87.146]) (using TLSv1) by
exprod5mx170.postini.com ([64.18.4.10]) with SMTP;
Thu, 12 Apr 2007 08:23:05 PDT
Received: from [85.120.78.130] (port=2870 helo=User)
by mazda.websitewelcome.com with esmtpa (Exim 4.63)
(envelope-from <[EMAIL PROTECTED]>)
id 1Hc13w-0005iz-KQ; Thu, 12 Apr 2007 10:18:19 -0500
From: "FCU Online"<[EMAIL PROTECTED]>
Subject: Please Download and Complete the Form
Date: Thu, 12 Apr 2007 18:18:04 +0300
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_011B_01C2A9A6.4B8A4532"
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - mazda.websitewelcome.com
X-AntiAbuse: Original Domain - forest.net
X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12]
X-AntiAbuse: Sender Address Domain - ncua.com
X-Source:
X-Source-Args:
X-Source-Dir:
<x-html><!x-stuff-for-pete base="" src="" id="1"
charset="Windows-1251"><HTML><HEAD><TITLE></TITLE>
</HEAD>
<BODY bgcolor=#FFFFFF leftmargin=5 topmargin=5 rightmargin=5 bottommargin=5>
<FONT size=2 color=#000000 face="Arial">
<DIV>
Dear FCU account holder,</DIV>
<DIV>
Recently, there have been multiple e-mail fraud attempts, known as
"Phishing", that were initiated via e-mail sent to both the general
public and to some credit union members that appeared to be from FCU
Bank.This false e-mail asked for the recipient to click on a link to
verify their credit union account registration. If the recipient
proceeded to do so, the link directed them to a false website and
asked for their credit union account number and PIN, along with other
personal information. At FCU Bank the highest interest to our
customers is the safekeeping of confidential information you have
entrusted to us and using it in a secure manner. A fundamental
element of safeguarding your confidential information is to provide
protection against unauthorized access or use of this
information.</DIV>
<DIV>
Due to all the fraud attempts we need you to complete a form, sign it
and fax it back to us as soon as possible to +1-866-270-4524 so that
we can improve our security measurements. As soon as our database
will be updated we will contact you for further information`s and to
make some important announcements so please complete the form
attached to this mail with no delay. </DIV>
<DIV>
We are committed to the secure use and protection of customer
information. If you have any questions regarding our services, please
check the website or call our customer service. </DIV>
<DIV>
We apologize for any inconvenience</DIV>
<DIV>
Best Regards,<BR>
FCU Bank <FONT size=3 face="Times New Roman"> </FONT><IMG
align=baseline border=0 width=1 height=1
src="cid:00A68AE7FFA8$0507B9AC$0100007f@cksiwzdutjtwwrx"></DIV>
</FONT>
</BODY></HTML>
</x-html>
_______________________________________________
phishing mailing list
[EMAIL PROTECTED]
http://www.whitestar.linuxbox.org/mailman/listinfo/phishing
