Sprint: Your bill is now available online

[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]

VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.

Header:

From - Wed Oct 10 20:15:26 2012
X-Account-Key: account9
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Delivered-To: x
Received: by 10.58.198.161 with SMTP id jd1csp230044vec;
Tue, 9 Oct 2012 12:06:32 -0700 (PDT)
Received: by 10.180.93.106 with SMTP id ct10mr6776579wib.8.1349809591964;
Tue, 09 Oct 2012 12:06:31 -0700 (PDT)
Return-Path: <noreply@sprint.com>
Received: from (cpc3-rdng24-2-0-cust812.15-3.cable.virginmedia.com. [82.3.103.45])
by mx.google.com with ESMTP id b16si16296332weq.158.2012.10.09.12.06.28;
Tue, 09 Oct 2012 12:06:31 -0700 (PDT)
Received-SPF: fail (google.com: domain of noreply@sprint.com does not designate 82.3.103.45 as permitted sender)
client-ip=82.3.103.45;
Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of noreply@sprint.com does not designate
82.3.103.45 as permitted sender) smtp.mail=noreply@sprint.com
Message-ID: <x@LAPTOP-HPNX7400>
Date: Tue, 09 Oct 2012 20:06:24 +0100
From: "Sprint" <noreply@sprint.com>
MIME-Version: 1.0
To: x
Subject: Sprint: Your bill is now available online
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: 7bit

Body:

Please do not reply to this email.

Not seeing the images? View online or go mobile.

Bill Period: September 10 - October 9, 2012

Total Due by October 9

$3850

Note: All online payments are made in a secure environment.

Give the students in your life an A+ phone at a smart price. | Add a line

We're hard at work building an all-new network. | See the improvements

SPRINT NEWS AND NOTICES
This section contains important updates about your Sprint Services, Including Service or Rate Changes, Promotions and Offers.

NEXTEL PRODUCTS: IMPORTANT MESSAGE
Due to the Nextel National Network shutdown on 6/30/13, any Nextel devices sold after 6/1/12 are intended to support existing customers' migration efforts and no minimum Order Terms will apply.

Comments:

To protect yourself from the malware distributed via spam e-mails like this we highly recommend avast! Internet Security.

Two different links were used in this example, both pointing to malicious websites that may infect your computer once you visit them.

This e-mail is very dangerous, even the From field looks legitimate, but closer inspection of the e-mail header will reveal that the From address is spoofed and that the e-mail did not come from Sprint.

Furthermore, if you hover with your mouse over each link, you will notice that the target website is not Sprint.com, but a totally different website, not even remotely linked to Sprint.com.

We expect that this e-mail might be part of a larger campaign, run by an international gang of cyber crooks, targeting U.S. banking customers at the moment.

Related Cyber Criminal Profiles:

No related profiles found.

Similar Spam Examples:

R.C.H.A Stock Market Spam - This pharmaceutical could quadruple fast
Banking Phishing Scam - Your Chase Credit Card Account
ADP Generated Message Malware Spam
Orchard Bank Phishing Scam Account Alert Statement Available
Zales Phishing Scam - Credit Card - Balance Notice

Related Malware Samples:

No related malware samples found.

[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]