[e-gold-list] phishing_attack
listsf245 at william-maderas.com
listsf245 at william-maderas.com
Thu Jul 20 03:04:04 MDT 2006
Hello everyone,
Just wanted to let everyone know I recieved the following email claiming to
be from e-gold:
"from: service at e-gold.com, info at e-gold.com
subject: Reactivate your account."
There was now text.
The body of the message was a form for accessing my e-gold account, which
contained a field for my password (of course).
Here's the header info:
"Return-Path: <nobody at highlander.websitewelcome.com>
Received: from highlander.websitewelcome.com ([70.86.183.130])
by mx-bracke.atl.sa.earthlink.net (EarthLink SMTP Server) with
ESMTP id
1g3j6u5vL3Nl34i0
for <contactmaderas at earthlink.net>; Wed, 19 Jul 2006 16:57:10
-0400 (EDT)
Received: from nobody by highlander.websitewelcome.com with local (Exim 4.52)
id 1G3J6V-0006qp-2i
for xxxxxxxx; Wed, 19 Jul 2006 15:57:11 -0500
To: xxxxxxxxxxx
Subject: Reactive your account.
From: service at e-gold.com<info at e-gold.com>
Content-Type: text/html
Message-Id: <E1G3J6V-0006qp-2i at highlander.websitewelcome.com>
Date: Wed, 19 Jul 2006 15:57:11 -0500"
I put x's in my email address to keep it from getting harvested by whoever.
Here is the line of script for the "method = post" aspect of the message:
<form method="post" name="f"
action="http://www.tacticalapplicationsgroup.com/components/e-gold/secure/login.php">
Take care all,
W. Maderas
---
You are currently subscribed to e-gold-list as: e-gold-list at kobly.com
To unsubscribe send a blank email to leave-e-gold-list-512001C at talk.e-gold.com
Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
More information about the E-gold-list
mailing list