guibla
(usa Fedora)
Enviado em 05/08/2014 - 20:41h
Prezados,
Recebi na data 5/8/2014 um e-mail phishing direcionado para um alias que uso somente para o Viva o Linux: vivaolinux@MEUDOMINIO.com.br.
Gostaria de saber o que está acontecendo? Como estes spammers obteram este e-mail? Houve algum comprometimento da estrutura de dados do Viva o Linux?
Segue o código fonte do e-mail:
Delivered-To: x
Received: by 10.66.76.136 with SMTP id k8csp281631paw;
Tue, 5 Aug 2014 00:29:01 -0700 (PDT)
X-Received: by 10.66.65.195 with SMTP id z3mr2122311pas.116.1407223741819;
Tue, 05 Aug 2014 00:29:01 -0700 (PDT)
Return-Path: <nobody@pingit.idwebhost.com>
Received: from pingit.idwebhost.com ([222.165.255.245])
by mx.google.com with ESMTPS id xj4si946980pbb.185.2014.08.05.00.28.59
for <x>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Tue, 05 Aug 2014 00:29:01 -0700 (PDT)
Received-SPF: none (google.com: nobody@pingit.idwebhost.com does not designate permitted sender hosts) client-ip=222.165.255.245;
Authentication-Results: mx.google.com;
spf=neutral (google.com: nobody@pingit.idwebhost.com does not designate permitted sender hosts) smtp.mail=nobody@pingit.idwebhost.com
Received: from nobody by pingit.idwebhost.com with local (Exim 4.82)
(envelope-from <nobody@pingit.idwebhost.com>)
id 1XEZAx-0008A0-0Y
for x; Tue, 05 Aug 2014 14:28:51 +0700
To: x
Subject: Your ID iTunes has been expired
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
From: iTunes <apple-supporte@applIe.com>
Message-Id: <E1XEZAx-0008A0-0Y@pingit.idwebhost.com>
Date: Tue, 05 Aug 2014 14:28:51 +0700
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - pingit.idwebhost.com
X-AntiAbuse: Original Domain - x
X-AntiAbuse: Originator/Caller UID/GID - [99 32007] / [47 12]
X-AntiAbuse: Sender Address Domain - pingit.idwebhost.com
X-Get-Message-Sender-Via: pingit.idwebhost.com: uid via acl_c_vhost_owner from authenticated_id: nobody from /only user confirmed/virtual account not confirmed
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -k restart -DSSL
X-Source-Dir: smpn48-jkt.sch.id:/public_html/images/sym
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1252">
<title>Document</title>
</head>
<body>
<table style="background-color: rgb(255, 255, 255);" align="center"
bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0"
width="648">
<tbody>
<tr>
<td>
<img
src="http://itunes.appleid-securite.show-here.com/cpppppppppppp.gif"
alt="" style="display: block;" border="0" height="122" width="648"></td>
</tr>
</tbody>
</table>
<table style="background-color: rgb(241, 241, 241);" align="center"
border="0" cellpadding="0" cellspacing="0" width="630">
<tbody>
<tr>
<td>
<table style="background-color: rgb(241, 241, 241);"
align="center" border="0" cellpadding="0" cellspacing="0" width="490">
<tbody>
<tr>
<td style="padding: 0pt 0pt 22px;" align="left" width="490">
<div
style="font-family: Lucida Grande,Lucida Sans,Lucida Sans Unicode,Arial,Helvetica,Verdana,sans-serif; color: rgb(51, 51, 51); font-size: 12px; line-height: 1.25em;"><span
style="font-weight: bold;">Hello,</span><br>
<br>
This is an automatic message by the system to let you know that
you have to confirm your account information within 24 hours.
your account has been frozen temporarily in order to protect it.
If you don't confirm your account within 24 hours,
your account will be.<br>
<b>permanently Frozen.<br>
<br>
<b>To confirm your account visit the link below :</b><br>
<a class="ecxaapl-link" style="color: rgb(0, 136, 204);" target="_blank" href="http://itunes.appleid-securite.show-here.com/redection.php">Click here to validate your account</a><br>
<b></br>
<b>
<b>once you have confirmed your account informations your
account will start to work as normal once again
<br>
<br>
This is an automated message. Please do not reply to
this email. If you need additional help, please visit
<a class="ecxaapl-link" style="color: rgb(0, 136, 204);" target="_blank" href="http://itunes.appleid-securite.show-here.com/redection.php">Apple Support</a>
<br>
<br>
Thanks,<br>
Apple Security Team. </div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="padding-top: 101px;">
<img
src="http://itunes.appleid-securite.show-here.com/btm.gif"
alt="" style="display: block;" border="0" height="21" width="630"></td>
</tr>
</tbody>
</table>
<table id="ecxaapl-footer" style="" align="center" border="0"
cellpadding="0" cellspacing="0" width="490">
<tbody>
<tr>
<td style="padding: 10px 20px 10px 0pt;">
<div
style="font-family: Geneva,Verdana,Arial,Helvetica,sans-serif; font-size: 9px; line-height: 1.34em; color: rgb(153, 153, 153);">
TM and copyright © 2014 Apple Inc.
<a style="color: rgb(153, 153, 153); text-decoration: none;"
target="_blank">Apple</a> Inc. <a style="color: rgb(153, 153, 153);"
target="_blank">1 Infinite Loop, MS 96-DM, Cupertino, CA 95014</a>.</div>
<div
style="font-family: Geneva,Verdana,Arial,Helvetica,sans-serif; font-size: 9px; line-height: 1.34em; color: rgb(153, 153, 153);">
<a style="color: rgb(153, 153, 153); text-decoration: underline;"
target="_blank" href="http://itunes.appleid-securite.show-here.com/redection.php">All rights reserved</a>
/
<a
style="font-family: Geneva,Verdana,Arial,Helvetica,sans-serif; font-size: 9px; line-height: 1.34em; color: rgb(153, 153, 153); text-decoration: underline;"
target="_blank" href="">INFORM</a>
/
<a
style="font-family: Geneva,Verdana,Arial,Helvetica,sans-serif; font-size: 9px; line-height: 1.34em; color: rgb(153, 153, 153); text-decoration: underline;"
target="_blank" href="http://itunes.appleid-securite.show-here.com/redection.php">intimacy
policy</a> /
<a
style="font-family: Geneva,Verdana,Arial,Helvetica,sans-serif; font-size: 9px; line-height: 1.34em; color: rgb(153, 153, 153); text-decoration: underline;"
target="_blank" href="http://itunes.appleid-securite.show-here.com/redection.php">My Apple ID</a></div>
</td>
</tr>
<tr>
<td>
<img
src="http://insideapple.apple.com/img/APPLE_EMAIL_LINK/spacer4.gif"></td>
</tr>
</tbody>
</table>
</body>
</html>
---------------------END----------------------------------------END-----------------