Credit Card - Balance Notice
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
From - Thu Aug 23 17:51:13 2012
X-Account-Key: account9
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Delivered-To: x
Received: by 10.58.114.34 with SMTP id jd2csp751512veb;
Thu, 23 Aug 2012 03:04:42 -0700 (PDT)
Received: by 10.180.84.169 with SMTP id a9mr2767213wiz.8.1345716277855;
Thu, 23 Aug 2012 03:04:37 -0700 (PDT)
Return-Path: <noreply@chefsmenu.com>
Received: from chefsmenu.com ([114.143.213.116])
by mx.google.com with ESMTP id p50si9509588wea.150.2012.08.23.03.04.30;
Thu, 23 Aug 2012 03:04:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of noreply@chefsmenu.com designates 114.143.213.116 as permitted sender)
client-ip=114.143.213.116;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@chefsmenu.com designates 114.143.213.116
as permitted sender) smtp.mail=noreply@chefsmenu.com
Received: from [183.91.75.208] by qnx.mdrost.com with SMTP; Thu, 23 Aug 2012 02:57:28 -0700
Received: from unknown (138.247.109.105)
by smtp4.cyberemailings.com with ESMTP; Thu, 23 Aug 2012 02:48:48 -0700
Received: from smtp.doneohx.com ([Thu, 23 Aug 2012 02:30:19 -0700])
by mailout.endmonthnow.com with SMTP; Thu, 23 Aug 2012 02:30:19 -0700
Message-ID: <x@chefsmenu.com>
Date: Thu, 23 Aug 2012 02:21:19 -0700
From: "noreply" <noreply@chefsmenu.com>
MIME-Version: 1.0
To: x
Subject: Credit Card - Balance Notice
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Account-Key: account9
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Delivered-To: x
Received: by 10.58.114.34 with SMTP id jd2csp751512veb;
Thu, 23 Aug 2012 03:04:42 -0700 (PDT)
Received: by 10.180.84.169 with SMTP id a9mr2767213wiz.8.1345716277855;
Thu, 23 Aug 2012 03:04:37 -0700 (PDT)
Return-Path: <noreply@chefsmenu.com>
Received: from chefsmenu.com ([114.143.213.116])
by mx.google.com with ESMTP id p50si9509588wea.150.2012.08.23.03.04.30;
Thu, 23 Aug 2012 03:04:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of noreply@chefsmenu.com designates 114.143.213.116 as permitted sender)
client-ip=114.143.213.116;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@chefsmenu.com designates 114.143.213.116
as permitted sender) smtp.mail=noreply@chefsmenu.com
Received: from [183.91.75.208] by qnx.mdrost.com with SMTP; Thu, 23 Aug 2012 02:57:28 -0700
Received: from unknown (138.247.109.105)
by smtp4.cyberemailings.com with ESMTP; Thu, 23 Aug 2012 02:48:48 -0700
Received: from smtp.doneohx.com ([Thu, 23 Aug 2012 02:30:19 -0700])
by mailout.endmonthnow.com with SMTP; Thu, 23 Aug 2012 02:30:19 -0700
Message-ID: <x@chefsmenu.com>
Date: Thu, 23 Aug 2012 02:21:19 -0700
From: "noreply" <noreply@chefsmenu.com>
MIME-Version: 1.0
To: x
Subject: Credit Card - Balance Notice
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Body:
|
||||||||||||||||||||||||||||||||||
|
© 2012 Citibank (South Dakota). |
 |
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Orchard Bank Phishing Scam Account Alert Statement AvailableBanking Phishing Scam - Your Chase Credit Card Account
Citibank Phishing Scam - Your Citi Credit Card Statement
NatWest Credit Card Services Banking Phishing Scam
Bank of America Alert Account Has Insufficient Fund
Related Malware Samples:
No related malware samples found.[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
Account Ending In: 6361
Member Since: 2011
This is one of several different phishing scams, all using the same tactics, the title attribute of the links are rigged and the scammers are using fake security measures to create a false sense of security.
Here are a couple of specific pointers to identify these scams:
- Obvious typo's like Cardmember
- The scammers don't know your name: The card member in these examples are always called Customer or the recipient is always addressed as Dear Customer. Your bank will know your name and address you accordingly. Beware, scammers can also know your name, so always look at the e-mail as a whole and not just at one specific characteristic.
- They quote the last 4 digits of an account number and/or a card number. The chances of sending one of these e-mails to an actual customer, where the last 4 digits of both the card and account number, mentioned in the e-mail, match the last 4 digits of the card and account number of that specific customer, is like a million to one. We believe the main purpose of these numbers are to add to the false sense of security the scammer is trying to create. The scammers are bargaining on people who grew accustomed to these safety features and no longer pay attention to them. Their mere presence in the e-mail might make the victim think that the e-mail really came from the organisation in question, without actually looking at the numbers.
Hover with your mouse over the link and you will see that the pop-up tooltip is not the same as the address in the status bar of your browser.
Other scams similar to this one:
Bank of America Phishing Scam
Beneficial Phishing Scam
Orchard Bank Phishing Scam