Phishing Email Received – Scotia Bank

Hello Everyone Please beware of the below email
if you see this email in your inbox please mark as spam and delete

Type of email – Phishing
Email Orgin Ip – 24.196.97.234
Orgin Country – 24.196.97.234 is from United States(US) in region North America
Link in email actually points to http://jailtimeconsulting.com/kikil/index.php

Beginning of the message

This e-mail has been sent by Scotia Bank to $recipient (October 18th, 2012)

ALERT-ID: 898-yj2

Dear customer ([email protected]),

This e-mail has been sent to inform you that your account will be deactivated within the next 24 hours due to several unsuccessful login attemps on your account.
To prevent this to happen please login securely to our activation link below:

https://www2.scotiaonline.scotiabank.com/online1/authentication/Client1-id.0223=

If you have already confirmed your information then please disregard this message.

Regards,
Scotia bank member services.

Headers of message

x-store-info:J++/JTCzmObr++wNraA4Pa4f5Xd6uensydyekesGC2M=
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 61.219.211.222) [email protected]ed2012.vipg.ScotiaBankOnline.com; dkim=none header.d=Scotia-Service.authorized2012.vipg.ScotiaBankOnline.com; x-hmca=none
X-SID-PRA: [email protected]ScotiaBankOnline.com
X-DKIM-Result: None
X-SID-Result: TempError
X-AUTH-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0xO0Q9MTtHRD0xO1NDTD0w
X-Message-Info: aKlYzGSc+LlZYjyuJfh5TbvOiHB7JMONjE7r6u9GmbItAos1aZj28p5J0THbCXoQtsBIr7EjEH3ZrHJ7AslCkeJz+C+DQ6QMGccFWRR2u5GEK56h4BO0Ng4JJ4ZpwhI5DyjhaZCzJuIfcHsuByeAeg==
Received: from dns.bensia.com.tw ([61.219.211.222]) by SNT0-MC3-F41.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Thu, 18 Oct 2012 09:15:39 -0700
Received: from ntserver.bensia.com.tw ([192.168.2.5]) by DNS with trend_isnt_name_B; Fri, 19 Oct 2012 00:04:31 +0800
Received: from [192.168.16.23] ([24.196.97.234])
by ntserver.bensia.com.tw (Lotus Domino Release 6.0.2CF1)
with ESMTP id 2012101900042855-15896 ;
Fri, 19 Oct 2012 00:04:28 +0800
Date: Thu, 18 Oct 2012 16:04:25 GMT
X-cid: tsledu.7546.3968
From: [email protected]ScotiaBankOnline.com
X-campaignid: badoo 859.47.1.260411162103
X-Bps1: 8857252606
X-Header-Versions: [email protected]
X-MimeOLE: Produced by geraldonline.com
X-Log-Id: 309239
x-im: 38509-f171261bd5
X-LinkedIn-fbl: s-XJmbgVhoYWmQchVIS-IHA669o3zHRUZglPkb9vVXYjz_frhXJLWZAj
X-Ls-Send-Id: b_mrboke6j5h3rbcetrqkb41mrn8======
X-IronPort-AV: E=Sophos;i=”4.68,845,1312153200
To:
X-EMID: 0AA02SK0ICQ03HU050288NJ00L994LE
X-CCEmailDispatchID: 510090
Subject: (ID: seq) Account ALERT! ->
X-CTRc: 210750181
X-WSMTPCK: 77
X-EMV-CampagneId: 4251337
X-Campaign-Id: 3903
Mime-Version: 1.0 (iPod Mail 7E18)
X-BigFish: VPS-15(zz1803M542N217bLzz1202hzz8275bhz2dh2a8h668h34h61h)
X-Serial: s56bjeOrIkQ/a1lF1xE7FgZ6LiKkZGZikwZzsP8pZFTXVZ/
X-Ironport-MID: [0029110]
Message-Id: <[email protected]>
Return-Path: [email protected]ce.authorized2012.vipg.ScotiaBankOnline.com
X-MIMETrack: Itemize by SMTP Server on ntserver/notes-bensia(Release 6.0.2CF1|June 9, 2003) at
2012/10/19 =?Big5?B?pFekyCAxMjowNDoyOQ==?=,
Serialize by Router on ntserver/notes-bensia(Release 6.0.2CF1|June 9, 2003) at
2012/10/19 =?Big5?B?pFekyCAxMjowNDozMQ==?=,
Serialize complete at 2012/10/19 =?Big5?B?pFekyCAxMjowNDozMQ==?=
Content-transfer-encoding: 7bit
Content-type: text/html
X-OriginalArrivalTime: 18 Oct 2012 16:15:39.0392 (UTC) FILETIME=[D0631800:01CDAD4B]

2 thoughts on “Phishing Email Received – Scotia Bank

  1. Your post, Phishing Email Recived – Scotia Bank | Sean Mancini's Network and Internet security blog, is really well written and insightful. Glad I found your website, warm regards!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.