Nedbank transaction notification #2410-779
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
X-Account-Key: account2
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-Apparently-To: x via 188.125.69.158; Mon, 10 Mar 2014 06:02:33 +0000
X-YahooFilteredBulk: 218.0.5.134
Received-SPF: softfail (transitioning domain of gmail.com does not designate 218.0.5.134 as permitted sender)
X-YMailISG: x
X-Originating-IP: [218.0.5.134]
Authentication-Results: mta1030.mail.ir2.yahoo.com from=gmail.com; domainkeys=neutral (no sig); from=gmail.com;
dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO 218.0.5.134) (218.0.5.134)
by mta1030.mail.ir2.yahoo.com with SMTP; Mon, 10 Mar 2014 06:02:32 +0000
Received: from tccuveiethtetitevilc (192.168.1.60) by tccuveiethtetitevilc. (218.0.5.134) with Microsoft SMTP Server id
8.0.685.24; Mon, 10 Mar 2014 14:02:31 +0800
Message-ID: <x@gmail.com>
Date: Mon, 10 Mar 2014 14:02:31 +0800
From: unspecifiedpr8@gmail.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100921 Thunderbird/3.1.4
MIME-Version: 1.0
To: x
Subject: Nedbank transaction notification #2410-779
Content-Type: multipart/alternative;
boundary="------------07020100707060503050507"
Body:
If the transaction was made by mistake please contact our customer service.
Receipt of payment is attached.
Nedbank Limited Reg No 1951/000009/06, VAT Reg No 4320116074, Nedbank 135 Rivonia Campus, 135 Rivonia Road, Sandown, Sandton, 2196, South Africa. We subscribe to the Code of Banking Practice of The Banking Association South Africa and, for unresolved disputes, support resolution through the Ombudsman for Banking Services. We are an authorised financial services provider. We are a registered credit provider in terms of the National Credit Act (NCR Reg No NCRCP16).
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Banking Phishing Scam - Your LoydsTSB Account will expire on 01 Aug 2012NatWest Credit Card Services Banking Phishing Scam
Banking Phishing Scam - Your Pending EFT Payment!!!
Bank of America Phishing Scam - Verification of Your Current Details
Banking Phishing Scam - Natwest - Reactivate your Online Access
Related Malware Samples:
Payment document (09.03.2104).exe - Trojan.horse.Generic_s.CVN[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
Yeah as if Nedbank will send e-mails to their clients from a GMail account. This is sign number one that this is a scam.
No greeting, just transaction completed. How much is £02003 anyway? This is sign number two that this is a scam.
A zip file called Payment document (10.03.2104).zip was attached to this e-mail. This zip file contained an executable file with the name: Payment document (09.03.2104).exe. This file contains the Trojan horse that will most likely monitor your keystrokes and the websites you visit on order to steal sensitive information like passwords and pin codes. The main target in this specific case is the login details to your bank account.
The scammers seem to be confused with the date of the transaction, is it for 9th or 10th of March? Did the scammers travel through time or are they just dyslexic, because it is the year 2014 and not 2104. This is sign number three that this is a scam. Your bank will never make trivial mistakes like this.
The zip file containing an executable file, disguised as some form of receipt is sign number four that this is a scam. Your bank will most likely send you proof of payment in PDF format, but that is when you make a payment not when you receive money. Furthermore, if the bank knew they made a mistake, why not just reverse the transaction?