Received: by 10.216.91.195 with SMTP id h45csp93930wef;
Thu, 7 Jun 2012 09:51:02 -0700 (PDT)
Received: by 10.50.149.225 with SMTP id ud1mr1545375igb.74.1339087861524;
Thu, 07 Jun 2012 09:51:01 -0700 (PDT)
Return-Path: <mail@cardaccount.net>
Received: from host.hudsoncatholic.org (host.hudsoncatholic.org.
[67.225.241.177])
by mx.google.com with ESMTPS id bd9si4980048icb.11.2012.06.07.09.51.00
(version=TLSv1/SSLv3 cipher=OTHER);
Thu, 07 Jun 2012 09:51:01 -0700 (PDT)
Received-SPF: neutral (google.com: 67.225.241.177 is neither permitted nor
denied by best guess record for domain of
mail@cardaccount.net)
client-ip=67.225.241.177;
Authentication-Results: mx.google.com; spf=neutral (google.com: 67.225.241.177
is neither permitted nor denied by best guess record for domain of
mail@cardaccount.net)
smtp.mail=mail@cardaccount.netReceived: from ns3000183.ovh.net ([37.59.46.7]:54604)
by host.hudsoncatholic.org with esmtpa (Exim 4.69)
(envelope-from <mail@cardaccount.net>)
id 1ScfvA-0003ZL-2x; Thu, 07 Jun 2012 12:50:52 -0400
Message-ID: <8617AFF7EBB248728DBD2A4FBFE467A7@ns3000183>
From: "Visa USA" <mail@cardaccount.net>
Subject: =?utf-8?B?UGxlYXNlLCB1cGRhdGUgeW91ciBQT1MgUmV0YWls?=
Please, update your POS Retail
Date: Thu, 7 Jun 2012 17:50:57 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_174A_01CD44D6.17AD35D0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5843
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - host.hudsoncatholic.org
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - cardaccount.net
This is a multi-part message in MIME format.
Image contains fake website redirection to steal personal details, CC numbers,
install malware.
"http:/ /app.secure-3ds.com/img/logo_58374_298322_j.png"
<<Phishing website."http:/ /app.secure-3ds.com/img/image_331928333.
"http:/ /app.secure-3ds.com/updates/installer.php?id=3Da0b33b6f30=
ead86963bac69e3bdc7787"