09-10-2020, 07:42 AM
I received an intriguing email this morning. Subject was 'Your email Vk4adc@wia.org.au account will be blocked'.
The body of the email :
'Your email Vk4adc@&domain& account will be blocked from your Domain wia.org.au in response to a complaint received by the administration.
According to provision 13.3 of Terms and Conditions, wia.org.au Admin may at any time, terminate its Services for your account and all your data will be lost
To re-validate your account Download setup configuration below and update to οrgαnιzed mαilbοx to αvοid being De-actιvαted
Thanks
wia.org.au Admin will continue to provide these additional steps to keep your account safe.
and it had a .htm attachment named 'CLICK-HERE-TO-UPGRADE-vk4adc@wia.org.au.htm'
This would seem to be a poorly constructed hack of some type - so poor that I didn't click on the .htm attachment - but I did save it and viewed the html source. Nothing dangerous was immediately evident but the coded blocks could contain anything.
The details in the properties of the email were interesting too :
'Received: from mf01.add.adl.fog.net.au (mf.add.adl.fog.net.au [223.25.224.80] (may be forged))
by wia.org.au (8.14.7/8.14.7) with ESMTP id 098EeHAt025078
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL)
for <vk4adc@wia.org.au>; Fri, 9 Oct 2020 01:10:17 +1030
Received: from moneyyy.vps-ams1.blazingfast.io (moneyyy [5.206.224.57])
by mf01.add.adl.fog.net.au with ESMTP id 098EbWxg006305-098EbWxh006305
for <vk4adc@wia.org.au>; Fri, 9 Oct 2020 01:07:32 +1030
Received: by moneyyy.vps-ams1.blazingfast.io (Postfix, from userid 33)
id E4601C40C0; Thu, 8 Oct 2020 14:02:41 +0000 (UTC)'
moneyyy.vps-ams1.blazingfast.io ??
Scam ? I think so !! And definitely not from the WIA....
TO BE SAFE, IGNORE AND DELETE !!!!
The body of the email :
'Your email Vk4adc@&domain& account will be blocked from your Domain wia.org.au in response to a complaint received by the administration.
According to provision 13.3 of Terms and Conditions, wia.org.au Admin may at any time, terminate its Services for your account and all your data will be lost
To re-validate your account Download setup configuration below and update to οrgαnιzed mαilbοx to αvοid being De-actιvαted
Thanks
wia.org.au Admin will continue to provide these additional steps to keep your account safe.
and it had a .htm attachment named 'CLICK-HERE-TO-UPGRADE-vk4adc@wia.org.au.htm'
This would seem to be a poorly constructed hack of some type - so poor that I didn't click on the .htm attachment - but I did save it and viewed the html source. Nothing dangerous was immediately evident but the coded blocks could contain anything.
The details in the properties of the email were interesting too :
'Received: from mf01.add.adl.fog.net.au (mf.add.adl.fog.net.au [223.25.224.80] (may be forged))
by wia.org.au (8.14.7/8.14.7) with ESMTP id 098EeHAt025078
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL)
for <vk4adc@wia.org.au>; Fri, 9 Oct 2020 01:10:17 +1030
Received: from moneyyy.vps-ams1.blazingfast.io (moneyyy [5.206.224.57])
by mf01.add.adl.fog.net.au with ESMTP id 098EbWxg006305-098EbWxh006305
for <vk4adc@wia.org.au>; Fri, 9 Oct 2020 01:07:32 +1030
Received: by moneyyy.vps-ams1.blazingfast.io (Postfix, from userid 33)
id E4601C40C0; Thu, 8 Oct 2020 14:02:41 +0000 (UTC)'
moneyyy.vps-ams1.blazingfast.io ??
Scam ? I think so !! And definitely not from the WIA....
TO BE SAFE, IGNORE AND DELETE !!!!