Cahoot Secure Customer Service Messages
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
From - Sat May 1 13:41:01 2010
X-Account-Key: account8
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-Apparently-To: x
X-YahooFilteredBulk: 24.154.1.26
X-YMailISG:
tDHJ2L8WLDtFagM9yAhfJNZqglwfT80ShGCBUAiMwMV11yNP39NK1kd.dBUKNXWLZipv6Si5iICPOsdT5Mhtmpz0u...
Btk5t.awakgViglh3bWD.Ry.X_viUs9cbNKl2WGrDYi5kmCQqp3IqKL3RUCZAuv0venUsSSc9t0Gsz711PdWfwKVN...
asXQ.08Yp0IzN0hKMMstYYdBDaj2LagCTF.4tmYnauIEyAh7Pn8opz3xJoWOpl99fqACVkeq8ogzQm7YuuRnmK4IP...
ZNkeH.9Vn1Ei6uRvnTjhxPs6fMxoCJOUW4PtlPCXQS7R3tsqyNjC1KuG1SnejqaJ61yoxqVpCJh.mSTiGYTvGpOvg...
RSWJJ8EgxAptXxhzdBlOMmztXHiTp1B4QkA4ap4w_4H6DKYSJCAZvtGZ7QZcLzieaoKaEs9awHKUMJlreMOB7SEGW...
qRDUhQyyf.QsCZdy2PMrwkOH6AXNXFkq4DUvoUiLFy7.MI15xD84w..I.lIkDfjNzTMpUyjMCSR1_CeI0UZGV9gK1...
L1vV1EqVj5.iDeCCei_tuRim8xQBWw_Bq0rSpJGy5sQNyOmoCxsnfvIZZa3N2POTq8GhIFx4o0cHNHD6Kd_pa37ZJ...
EGI0K0j0W9kExyy0L.qZYZS_vb3t.koa9UEscFMfSRkUJMN8S6vPljfnhs52yUc_3hbB9TRl3yfntrYnBsVuVwWng...
X-Originating-IP: [24.154.1.26]
Authentication-Results: mta1003.mail.ukl.yahoo.com from=cahoot.com; domainkeys=neutral (no sig); from=cahoot.com;
dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO cm-1.zoominternet.net) (24.154.1.26)
by mta1003.mail.ukl.yahoo.com with SMTP; Wed, 28 Apr 2010 08:44:00 +0000
X-SpamGroup: 2000
X-CM-Cat: Undefined:Undefined
X-CNFS-Analysis: v=1.0 c=1 a=Dyoqhi_TatcA:10 a=VphdPIyG4kEA:10 a=Cfj4BQAnxiAA:10 a=vHguVU4VNYfipbazFLFZwg==:17
a=qgeRTuWiAAAA:8 a=2KWHSjavAAAA:8 a=75Ghk_kLkk7KY22p1c0A:9 a=oIvqn5jufpIM-hFHf9QA:7 a=oHfXX1Mbf7e499WDLmqfhmE4LywA:4
a=Ft8UYL4EG9YA:10 a=xFgivOT3nAcA:10
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Received: from [24.154.1.45] ([24.154.1.45:47087] helo=pop-2.zoominternet.net)
by mx-7.zoominternet.net (envelope-from <account.review@cahoot.com>)
(ecelerity 2.2.2.40 r(29895/29896)) with ESMTP
id 70/45-13004-445F7DB4; Wed, 28 Apr 2010 04:43:48 -0400
Received: (qmail 17343 invoked from network); 28 Apr 2010 08:43:56 -0000
Message-ID: <x@cm-1.zoominternet.net>
Received: from unknown (HELO User) (hrm@[218.57.129.21])
(envelope-sender <account.review@cahoot.com>)
by pop-2.zoominternet.net (qmail-ldap-1.03) with SMTP
for <janewilshire@hotmail.com>; 28 Apr 2010 08:43:56 -0000
From: "Cahoot Online"<account.review@cahoot.com>
Subject: IMPORTANT - Customer Service Message
Date: Wed, 28 Apr 2010 09:43:53 +0100
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Account-Key: account8
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-Apparently-To: x
X-YahooFilteredBulk: 24.154.1.26
X-YMailISG:
tDHJ2L8WLDtFagM9yAhfJNZqglwfT80ShGCBUAiMwMV11yNP39NK1kd.dBUKNXWLZipv6Si5iICPOsdT5Mhtmpz0u...
Btk5t.awakgViglh3bWD.Ry.X_viUs9cbNKl2WGrDYi5kmCQqp3IqKL3RUCZAuv0venUsSSc9t0Gsz711PdWfwKVN...
asXQ.08Yp0IzN0hKMMstYYdBDaj2LagCTF.4tmYnauIEyAh7Pn8opz3xJoWOpl99fqACVkeq8ogzQm7YuuRnmK4IP...
ZNkeH.9Vn1Ei6uRvnTjhxPs6fMxoCJOUW4PtlPCXQS7R3tsqyNjC1KuG1SnejqaJ61yoxqVpCJh.mSTiGYTvGpOvg...
RSWJJ8EgxAptXxhzdBlOMmztXHiTp1B4QkA4ap4w_4H6DKYSJCAZvtGZ7QZcLzieaoKaEs9awHKUMJlreMOB7SEGW...
qRDUhQyyf.QsCZdy2PMrwkOH6AXNXFkq4DUvoUiLFy7.MI15xD84w..I.lIkDfjNzTMpUyjMCSR1_CeI0UZGV9gK1...
L1vV1EqVj5.iDeCCei_tuRim8xQBWw_Bq0rSpJGy5sQNyOmoCxsnfvIZZa3N2POTq8GhIFx4o0cHNHD6Kd_pa37ZJ...
EGI0K0j0W9kExyy0L.qZYZS_vb3t.koa9UEscFMfSRkUJMN8S6vPljfnhs52yUc_3hbB9TRl3yfntrYnBsVuVwWng...
X-Originating-IP: [24.154.1.26]
Authentication-Results: mta1003.mail.ukl.yahoo.com from=cahoot.com; domainkeys=neutral (no sig); from=cahoot.com;
dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO cm-1.zoominternet.net) (24.154.1.26)
by mta1003.mail.ukl.yahoo.com with SMTP; Wed, 28 Apr 2010 08:44:00 +0000
X-SpamGroup: 2000
X-CM-Cat: Undefined:Undefined
X-CNFS-Analysis: v=1.0 c=1 a=Dyoqhi_TatcA:10 a=VphdPIyG4kEA:10 a=Cfj4BQAnxiAA:10 a=vHguVU4VNYfipbazFLFZwg==:17
a=qgeRTuWiAAAA:8 a=2KWHSjavAAAA:8 a=75Ghk_kLkk7KY22p1c0A:9 a=oIvqn5jufpIM-hFHf9QA:7 a=oHfXX1Mbf7e499WDLmqfhmE4LywA:4
a=Ft8UYL4EG9YA:10 a=xFgivOT3nAcA:10
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Received: from [24.154.1.45] ([24.154.1.45:47087] helo=pop-2.zoominternet.net)
by mx-7.zoominternet.net (envelope-from <account.review@cahoot.com>)
(ecelerity 2.2.2.40 r(29895/29896)) with ESMTP
id 70/45-13004-445F7DB4; Wed, 28 Apr 2010 04:43:48 -0400
Received: (qmail 17343 invoked from network); 28 Apr 2010 08:43:56 -0000
Message-ID: <x@cm-1.zoominternet.net>
Received: from unknown (HELO User) (hrm@[218.57.129.21])
(envelope-sender <account.review@cahoot.com>)
by pop-2.zoominternet.net (qmail-ldap-1.03) with SMTP
for <janewilshire@hotmail.com>; 28 Apr 2010 08:43:56 -0000
From: "Cahoot Online"<account.review@cahoot.com>
Subject: IMPORTANT - Customer Service Message
Date: Wed, 28 Apr 2010 09:43:53 +0100
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Body:
Dear Cahoot Bank Customer:
For your security, we need you to confirm your detailsto stop unwanted access to your account online.
Please login to your online and visit the secure messages
Get Started
Best Regards,
Thank you for banking us!
Cahoot Online Banking
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Banking Phishing Scam - Cahoot Customer Service MessageBanking Phishing Scam - Natwest - Reactivate your Online Access
Banking Phishing Scam - Barclays New Notification - Update immediately
Chase Banking Phishing Scam - ACTION REQUIED: Notice for your account
Bank of America Phishing Scam - Verification of Your Current Details
Related Malware Samples:
No related malware samples found.[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
Login to your online what? We thought we had to confirm our details, how exactly do you achieve this by visiting the secure messages?
In contrast to the previous Cahoot Banking Phishing Scam, this phishing scam takes the victim to a fake Cahoot website where the phishing scammer collects loads of personal information. After collecting (or rather stealing) the information, the victim is redirected to the real Cahoot website (moving the victim's attention away from the phishing site and adding a false sense of security and legitimacy). However if the victim paid close attention to the website address in the browser's address bar, he/she should have noticed that the website collecting the information, had no connection to the real Cahoot website.
Just ask yourself the simple question, why would Cahoot use the website of a 3rd party to collect information about their clients if they already have their own website? The answer is fairly simple and straightforward, Cahoot will never do something like this. As a matter of fact they will never even send a lousy e-mail like this in the first place.