Thursday, October 3, 2019

Confirm Your Paypal Account

NOTE: This author clearly didn't put much effort into his scam. Not only does the recipient of this email NOT have a Paypal account but there is never a time Paypal will send an email from another domain. Nor would Paypal use a free antivirus program to "scan" emails on their way out. This is a classic phishing attempt. The author is hoping the reader doesn't notice the bogus email, the bogus links & message. If the author successfully fools the reader and the reader DOES have a PayPal account it will be compromised the moment the links provided in the email are clicked and credentials are provided. This author is a sloppy criminal.


From: "Assistance" <admin@talentcapture.us> To: " " < >10:07:27 CDT, Thursday 03 October 2019
Attachments: None
Message ID: <DESKTOP14BURFU39617abb000f41d388c21da90693b5af@DESKTOP14BURFU>
Return Path: <admin@talentcapture.us>
Reply To:
MIME Version: 1.0
Content Type: multipart/related; type="multipart/alternative"; boundary="_=aspNetEmail=_5818ae6f652f42498c10440cc2cdf7fd"
Attachments:
None
Received:
from mx1-us1.ppe-hosted.com (unknown [10.7.66.31]) by pure.maildistiller.com with ESMTPS id 5213A2C0060 for < >; Thu, 3 Oct 2019 15:07:27 +0000 (UTC)

from server.talentcapturerecruiting.com (unknown [50.116.100.223]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1-us1.ppe-hosted.com with ESMTPS id 383419400B1 for < >; Thu, 3 Oct 2019 15:07:27 +0000 (UTC)

from [105.190.166.19] (port=63772 helo=DESKTOP14BURFU) by server.talentcapturerecruiting.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.92) (envelope-from <admin@talentcapture.us>) id 1iG2hP-00020j-Mt for  ; Thu, 03 Oct 2019 09:07:26 -0600


Dear Customer, Your account security is our top priority. To help protect your account, we'v..
Image removed - click Show Images to View
Image removed - click Show Images to View
Image removed - click Show Images to View
Image removed - click Show Images to View
Dear   ,

Your account security is our top priority. we notice that your card has been removed from your account, we've temporarily limited what you can do with it. You will need to complete some steps to ensure the security of your account.

What's going on?

We noticed some unusual activity on your account and some informations has been changed, we are concerned about potential unauthorised account access.

Click here

Please log in to your account by clicking on "Click here" and follow the steps there to confirm your identity and recent account activity. To help protect your account, your account will remain limited until you complete the necessary steps.

Sincerely,

PayPal

Image removed - click Show Images to View
Image removed - click Show Images to View
Please do not reply to this email. To get in touch, go to the PayPal website and click Help & Contact.

1999-2019 PayPal. The PayPal service is provided by PayPal Australia Pty Limited (ABN 93 111 195 389) which holds Australian Financial Services Licence number 304962. Any information provided is general only and does not take into account your objectives, financial situation or needs.

PayPal PPC000263:461f198f97755

Image removed - click Show Images to View
Image removed - click Show Images to View

Image removed - click Show Images to View
Garanti sans virus. www.avast.com


Envelope Sender: <admin@talentcapture.us>
'From' Header: "Assistance" <admin@talentcapture.us>
Subject: Confirm Your Paypal Account
Timestamp: 10:07:27 CDT, Thursday 03 October 2019
Message-ID: <DESKTOP14BURFU39617abb000f41d388c21da90693b5af@DESKTOP14BURFU>
Attachments: None

Client IP Address: 50.116.100.223
Client GeoIP Lookup: United States
Email Size: 12.8 kB
Encrypted? No

No comments:

Post a Comment