[Full-Disclosure] [BU-NOSPAM] FYI: Visa abuse - equal to PayPal abuse
roman.kunz_at_juliusbaer.com
Date: 01/30/04
- Previous message: roman.kunz_at_juliusbaer.com: "[Full-Disclosure] FYI: Visa abuse - equal to PayPal abuse"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Fri, 30 Jan 2004 10:38:18 +0100
Spam detection software, running on the system "chex.decru.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: This is a multipart message in MIME format. I apologise
if this has already been posted. it's nearly the same rubbish as within
the *Attempt to steal paypal password *. Button is leading to
http://%77%77%77%2e%76%62%69%6c%6c%2e%62%69%7a/ = www.vbill.biz (Domain
Infos see below VISA - Message) [...]
Content analysis details: (9.2 points, 7.5 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.3 NO_REAL_NAME From: does not include a real name
1.2 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.5 HTML_20_30 BODY: Message is 20% to 30% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 HTML_FONT_BIG BODY: HTML has a big font
2.4 HTTP_ESCAPED_HOST URI: Uses %-escapes inside a URL's hostname
4.0 BIZ_TLD URI: Contains a URL in the BIZ top-level domain
0.7 HTTP_EXCESSIVE_ESCAPES URI: Completely unnecessary %-escapes inside a URL
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
attached mail follows:
To: full-disclosure@lists.netsys.com Date: Fri, 30 Jan 2004 10:38:18 +0100
I apologise if this has already been posted.
it's nearly the same rubbish as within the *Attempt to steal paypal password *.
Button is leading to http://%77%77%77%2e%76%62%69%6c%6c%2e%62%69%7a/ = www.vbill.biz
(Domain Infos see below VISA - Message)
regards
roman
_____________________start VISA_______________________
Dear Sir/Madam,
We were informed that your credit card is used by another person or
stolen. It could happen if you have been shopping on-line, and someone got
your "Billing information" including your credit card number. To avoid and
prevent any further fraud and billing mistakes and to refund your credit
card, it is strongly recommended to proceed filling in the secure form on
our site and applying for our Zero Liability program. Program is free and
it will help us to confirm the fact of fraud and investigate this accident
as soon as possible.
Sincerely yours, Visa Support Assistant, Alwin Desagun.
_______________________end VISA_______________________
Domain Info:
Domain Name: VBILL.BIZ
Domain ID: D6142507-BIZ
Sponsoring Registrar: DIRECT INFORMATION PVT.
LTD., (D.B.A. DIRECTI.COM)
Domain Status: clientTransferProhibited
Registrant ID: DI_278051
Registrant Name: Denis Yarin
Registrant Organization: Vbill
Registrant Address1: Chapaeva 18-2-39
Registrant City: Zhukovski
Registrant Postal Code: 140110
Registrant Country: Russian Federation
Registrant Country Code: RU
Registrant Phone Number: +7.246507129
Registrant Email: vbillbiz@yahoo.com
Administrative Contact ID: DI_278051
Administrative Contact Name: Denis Yarin
Administrative Contact Organization: Vbill
Administrative Contact Address1: Chapaeva 18-2-39
Administrative Contact City: Zhukovski
Administrative Contact Postal Code: 140110
Administrative Contact Country: Russian Federation
Administrative Contact Country Code: RU
Administrative Contact Phone Number: +7.246507129
Administrative Contact Email: vbillbiz@yahoo.com
Billing Contact ID: DI_278051
Billing Contact Name: Denis Yarin
Billing Contact Organization: Vbill
Billing Contact Address1: Chapaeva 18-2-39
Billing Contact City: Zhukovski
Billing Contact Postal Code: 140110
Billing Contact Country: Russian Federation
Billing Contact Country Code: RU
Billing Contact Phone Number: +7.246507129
Billing Contact Email: vbillbiz@yahoo.com
Technical Contact ID: DI_278051
Technical Contact Name: Denis Yarin
Technical Contact Organization: Vbill
Technical Contact Address1: Chapaeva 18-2-39
Technical Contact City: Zhukovski
Technical Contact Postal Code: 140110
Technical Contact Country: Russian Federation
Technical Contact Country Code: RU
Technical Contact Phone Number: +7.246507129
Technical Contact Email: vbillbiz@yahoo.com
Name Server: DNS3.HOSTMATIX.COM
Name Server: DNS1.HOSTMATIX.COM
Created by Registrar: DIRECT INFORMATION PVT.
LTD., (D.B.A. DIRECTI.COM)
Last Updated by Registrar: DIRECT INFORMATION PVT.
LTD., (D.B.A. DIRECTI.COM)
Domain Registration Date: Mon Jan 26 14:23:27 GMT
2004
Domain Expiration Date: Tue Jan 25 23:59:59 GMT
2005
Domain Last Updated Date: Thu Jan 29 22:18:35 GMT 2004
*****Disclaimer*****
This message is for the addressee only and may contain confidential or
privileged information. You must delete and not use it if you are not the
intended recipient. It may not be secure or error-free. All e-mail
communications to and from the Julius Baer Group may be monitored.
Processing of incoming e-mails cannot be guaranteed. Any views expressed
in this message are those of the individual sender. This message is for
information purposes only. All liability of the Julius Baer Group and its
entities for any damages resulting from e-mail use is excluded. US persons
are kindly requested to read the important legal information presented
after clicking here: http://www.juliusbaer.com/maildisclaimer
*****Disclaimer*****
This message is for the addressee only and may contain confidential or
privileged information. You must delete and not use it if you are not the
intended recipient. It may not be secure or error-free. All e-mail
communications to and from the Julius Baer Group may be monitored.
Processing of incoming e-mails cannot be guaranteed. Any views expressed
in this message are those of the individual sender. This message is for
information purposes only. All liability of the Julius Baer Group and its
entities for any damages resulting from e-mail use is excluded. US persons
are kindly requested to read the important legal information presented
after clicking here: http://www.juliusbaer.com/maildisclaimer
*****Disclaimer*****
This message is for the addressee only and may contain confidential or
privileged information. You must delete and not use it if you are not the
intended recipient. It may not be secure or error-free. All e-mail
communications to and from the Julius Baer Group may be monitored.
Processing of incoming e-mails cannot be guaranteed. Any views expressed
in this message are those of the individual sender. This message is for
information purposes only. All liability of the Julius Baer Group and its
entities for any damages resulting from e-mail use is excluded. US persons
are kindly requested to read the important legal information presented
after clicking here: http://www.juliusbaer.com/maildisclaimer
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: roman.kunz_at_juliusbaer.com: "[Full-Disclosure] FYI: Visa abuse - equal to PayPal abuse"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
