Recent Posts

Pages: [1] 2 3 ... 10
1
Malicious Domains / Re: electrum.com malware
« Last post by farmhand on May 09, 2018, 07:18:06 pm »
2
Malicious Domains / electrum.com malware
« Last post by farmhand on May 09, 2018, 07:12:13 pm »
 https://www.electrum.com/ malware
3
X-Account-Key: account1
X-Mozilla-Keys:                                                                                 
Return-Path: <webmaster@tustabas.com>
Delivered-To:
Received: (qmail 15585 invoked by alias); 28 Feb 2018 10:23:58 +0700
Delivered-To:
Precedence: bulk
Received: (qmail 15577 invoked from network); 28 Feb 2018 10:23:58 +0700
Received: from irpcorpin2.truemail.co.th (HELO ironcorpin2.truemail.co.th) ([203.144.173.22])
          (envelope-sender <webmaster@tustabas.com>)
          by mail236.truemail.co.th (qmail-ldap-1.03) with SMTP
          for ; 28 Feb 2018 10:23:58 +0700
Authentication-Results: ironcorpin2.truemail.co.th; spf=Pass smtp.mailfrom=webmaster@tustabas.com
Received-SPF: Pass (ironcorpin2.truemail.co.th: domain of
  webmaster@tustabas.com designates 69.73.182.86 as permitted
  sender) identity=mailfrom; client-ip=69.73.182.86;
  receiver=ironcorpin2.truemail.co.th;
  envelope-from="webmaster@tustabas.com";
  x-sender="webmaster@tustabas.com"; x-conformance=spf_only;
  x-record-type="v=spf1"
IronPort-PHdr: =?us-ascii?q?9a23=3Aud9IKxJgS5tRleY/ANmcpTZcNBhigK39O0su0rRi?=
 =?us-ascii?q?jrtPdqq5+JG7YB7D+O5xhVXARsPQ7PcW0uc=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DweACgIJZaS1a2SUVcHAEBAQQBAQoBA?=
 =?us-ascii?q?YJaCxcnLWZwEAEXg1SBDB+Id41IATRIBoFFYiODKYcphDmBC4QUFIFIOQoUEYU?=
 =?us-ascii?q?LUQEBB4F0IDQYAQIBAQEBAQEBAQYBARgVLy4BgikBgnEgEh0BAQcSHxMFBikVA?=
 =?us-ascii?q?kUgARRVgnqBMw0BBAuNK4Neg0QClVxughAXJoJbAQEFhG1WCh+CFioIgSKDRYJ?=
 =?us-ascii?q?jgQ+IKwdMCwECB4EkCmgSghUJMBMDgkwJCIEYjUKLaAkCgRyBf4Mzihh7jgKGa?=
 =?us-ascii?q?oMQh1aBLh6CAAEIcIFsCIEeCYIrWoFqWQEBAwcFAo0BAQEB?=
X-IPAS-Result: =?us-ascii?q?A0DweACgIJZaS1a2SUVcHAEBAQQBAQoBAYJaCxcnLWZwEAE?=
 =?us-ascii?q?Xg1SBDB+Id41IATRIBoFFYiODKYcphDmBC4QUFIFIOQoUEYULUQEBB4F0IDQYA?=
 =?us-ascii?q?QIBAQEBAQEBAQYBARgVLy4BgikBgnEgEh0BAQcSHxMFBikVAkUgARRVgnqBMw0?=
 =?us-ascii?q?BBAuNK4Neg0QClVxughAXJoJbAQEFhG1WCh+CFioIgSKDRYJjgQ+IKwdMCwECB?=
 =?us-ascii?q?4EkCmgSghUJMBMDgkwJCIEYjUKLaAkCgRyBf4Mzihh7jgKGaoMQh1aBLh6CAAE?=
 =?us-ascii?q?IcIFsCIEeCYIrWoFqWQEBAwcFAo0BAQEB?=
X-IronPort-AV: E=Sophos;i="5.47,403,1515430800";
   d="scan'208,217";a="17369770"
Received: from tadpole.nocdirect.com ([69.73.182.86])
  by ironcorpin2.truemail.co.th with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Feb 2018 10:23:53 +0700
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
   d=tustabas.com; s=default; h=Message-ID:Subject:To:From:Date:Content-Type:
   MIME-Version:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:
   Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
   :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
   List-Subscribe:List-Post:List-Owner:List-Archive;
   bh=HORMTL2ly53EJFg2J94HXY0XorWs/udNqRgbtCKWU3M=; b=yN5cruqJ4ZNy1GDxejEuNv/ppr
   EyR2eyVgeleyhdt+owqDCOUIVDDKWKNCP6f2YO4WPymRvw8ZexNBqzghtKYnnTAuRE5S1jl6TATJi
   2zVtue/oTbUKfLPQcMJi7y7Zn4s6M3ifTOwa/wkHZtx2c6coIYaH69DhqSYWs5/EeOYomfv5ilYdL
   ATSGHKsRqZsfz2zmX1GBZWPfcu7gAE3iidzjtarTCykW6DY9XIIz/3L6mfCAYpZfh3L8gicNiajE3
   1w4AxJhQqkWtL/m3tFyQ0KJe2Fa4wcvVdjEoSw7jKXG0Z/RS1MSAZSPoHBPPBOePirjn+AQAFL80+
   54Y+0cfw==;
Received: from [::1] (port=52136 helo=tadpole.nocdirect.com)
   by tadpole.nocdirect.com with esmtpa (Exim 4.89_1)
   (envelope-from <webmaster@tustabas.com>)
   id 1eqrhu-0000ya-Kd; Tue, 27 Feb 2018 21:43:09 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="=_2c38c43aa8b0b8376314c86cb9ae4e1a"
Date: Tue, 27 Feb 2018 21:43:02 -0500
From: "Citibank Notification." <webmaster@tustabas.com>
To: undisclosed-recipients:;
Subject: =?UTF-8?Q?=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=9B=E0=B8=A3=E0=B8=B1?=
 =?UTF-8?Q?=E0=B8=9A=E0=B8=9B=E0=B8=A3=E0=B8=B8=E0=B8=87=E0=B8=84=E0=B8=A7?=
 =?UTF-8?Q?=E0=B8=B2=E0=B8=A1=E0=B8=9B=E0=B8=A5=E0=B8=AD=E0=B8=94=E0=B8=A0?=
 =?UTF-8?Q?=E0=B8=B1=E0=B8=A2?=
Message-ID: <a336772f672186372388273262ca208b@tustabas.com>
X-Sender: webmaster@tustabas.com
User-Agent: Roundcube Webmail/1.3.3
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - tadpole.nocdirect.com
X-AntiAbuse: Original Domain - trueinternet.co.th
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - tustabas.com
X-Get-Message-Sender-Via: tadpole.nocdirect.com: authenticated_id: webmaster@tustabas.com
X-Authenticated-Sender: tadpole.nocdirect.com: webmaster@tustabas.com
X-Source:
X-Source-Args:
X-Source-Dir:

--=_2c38c43aa8b0b8376314c86cb9ae4e1a
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8

ลูกค้าที่รัก

ในระหว่างการบำรุงรักษาระบบปกติเราสังเกตเห็นการเข้าสู่ระบบที่ไม่ถูกต้องในบัญชีของคุณจากที่อยู่
IP ที่ไม่รู้จัก
ด้วยเหตุนี้นโยบายการรักษาความปลอดภัยของเราจึงได้ระงับบัญชีของคุณไว้ชั่วคราว


คุณจำเป็นต้องอัปเดตข้อมูลบัญชีเพื่อให้ธนาคารออนไลน์ของคุณสามารถเปิดใช้งานและรักษาความปลอดภัยได้อีกครั้ง


คลิกที่นี่เพื่อตรวจสอบความถูกต้องของบัญชี:
www.citibank.com.th/account/verification [1]

การไม่ให้รายละเอียดที่ถูกต้องหรือการยืนยันที่สมบูรณ์จะทำให้บัญชีของคุณถูกล็อกโดยถาวร
ขั้นตอนการรักษาความปลอดภัยพิเศษ OTP SMS
จะถูกส่งไปยังหมายเลขโทรศัพท์มือถือลงทะเบียนของคุณป้อนรหัสนี้ในระหว่างขั้นตอนการยืนยันเพื่อตรวจสอบบัญชีของคุณ


เราต้องขออภัยในความไม่สะดวก.

ขอบคุณธนาคารที่มีเรา

ขอแสดงความนับถือ

ซิตี้แบงก์ออนไลน์

                     Copyright (c) 2018 Citibank Thailand.

 

Links:
------
[1]
https://www.caet-org.com/secure/citibank.com.th/onlineupdate2018/index.htm
--=_2c38c43aa8b0b8376314c86cb9ae4e1a
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<div class=3D"pre" style=3D"margin: 0; padding: 0; font-family: monospace">=
<br />
<table border=3D"0" width=3D"550" bgcolor=3D"#FFFFFF">
<tbody>
<tr>
<td><img src=3D"https://logos-download.com/wp-content/uploads/2016/03/Citib=
ank_logo.png" width=3D"180" height=3D"48" /><br />
<table border=3D"0" width=3D"80%" align=3D"center" bgcolor=3D"#FFFFFF">
<tbody>
<tr>
<td><span><br /></span>
<p>=E0=B8=A5=E0=B8=B9=E0=B8=81=E0=B8=84=E0=B9=89=E0=B8=B2=E0=B8=97=E0=B8=B5=
=E0=B9=88=E0=B8=A3=E0=B8=B1=E0=B8=81</p>
<p>=E0=B9=83=E0=B8=99=E0=B8=A3=E0=B8=B0=E0=B8=AB=E0=B8=A7=E0=B9=88=E0=B8=B2=
=E0=B8=87=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=9A=E0=B8=B3=E0=B8=A3=E0=B8=B8=E0=
=B8=87=E0=B8=A3=E0=B8=B1=E0=B8=81=E0=B8=A9=E0=B8=B2=E0=B8=A3=E0=B8=B0=E0=B8=
=9A=E0=B8=9A=E0=B8=9B=E0=B8=81=E0=B8=95=E0=B8=B4=E0=B9=80=E0=B8=A3=E0=B8=B2=
=E0=B8=AA=E0=B8=B1=E0=B8=87=E0=B9=80=E0=B8=81=E0=B8=95=E0=B9=80=E0=B8=AB=E0=
=B9=87=E0=B8=99=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B9=80=E0=B8=82=E0=B9=89=E0=B8=
=B2=E0=B8=AA=E0=B8=B9=E0=B9=88=E0=B8=A3=E0=B8=B0=E0=B8=9A=E0=B8=9A=E0=B8=97=
=E0=B8=B5=E0=B9=88=E0=B9=84=E0=B8=A1=E0=B9=88=E0=B8=96=E0=B8=B9=E0=B8=81=E0=
=B8=95=E0=B9=89=E0=B8=AD=E0=B8=87=E0=B9=83=E0=B8=99=E0=B8=9A=E0=B8=B1=E0=B8=
=8D=E0=B8=8A=E0=B8=B5=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93=
=E0=B8=88=E0=B8=B2=E0=B8=81=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=AD=E0=B8=A2=E0=
=B8=B9=E0=B9=88 IP =E0=B8=97=E0=B8=B5=E0=B9=88=E0=B9=84=E0=B8=A1=E0=B9=88=
=E0=B8=A3=E0=B8=B9=E0=B9=89=E0=B8=88=E0=B8=B1=E0=B8=81 =E0=B8=94=E0=B9=89=
=E0=B8=A7=E0=B8=A2=E0=B9=80=E0=B8=AB=E0=B8=95=E0=B8=B8=E0=B8=99=E0=B8=B5=E0=
=B9=89=E0=B8=99=E0=B9=82=E0=B8=A2=E0=B8=9A=E0=B8=B2=E0=B8=A2=E0=B8=81=E0=B8=
=B2=E0=B8=A3=E0=B8=A3=E0=B8=B1=E0=B8=81=E0=B8=A9=E0=B8=B2=E0=B8=84=E0=B8=A7=
=E0=B8=B2=E0=B8=A1=E0=B8=9B=E0=B8=A5=E0=B8=AD=E0=B8=94=E0=B8=A0=E0=B8=B1=E0=
=B8=A2=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B9=80=E0=B8=A3=E0=B8=B2=E0=B8=88=E0=B8=
=B6=E0=B8=87=E0=B9=84=E0=B8=94=E0=B9=89=E0=B8=A3=E0=B8=B0=E0=B8=87=E0=B8=B1=
=E0=B8=9A=E0=B8=9A=E0=B8=B1=E0=B8=8D=E0=B8=8A=E0=B8=B5=E0=B8=82=E0=B8=AD=E0=
=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B9=84=E0=B8=A7=E0=B9=89=E0=B8=8A=E0=B8=
=B1=E0=B9=88=E0=B8=A7=E0=B8=84=E0=B8=A3=E0=B8=B2=E0=B8=A7</p>
<p>=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=88=E0=B8=B3=E0=B9=80=E0=B8=9B=E0=B9=87=
=E0=B8=99=E0=B8=95=E0=B9=89=E0=B8=AD=E0=B8=87=E0=B8=AD=E0=B8=B1=E0=B8=9B=E0=
=B9=80=E0=B8=94=E0=B8=95=E0=B8=82=E0=B9=89=E0=B8=AD=E0=B8=A1=E0=B8=B9=E0=B8=
=A5=E0=B8=9A=E0=B8=B1=E0=B8=8D=E0=B8=8A=E0=B8=B5=E0=B9=80=E0=B8=9E=E0=B8=B7=
=E0=B9=88=E0=B8=AD=E0=B9=83=E0=B8=AB=E0=B9=89=E0=B8=98=E0=B8=99=E0=B8=B2=E0=
=B8=84=E0=B8=B2=E0=B8=A3=E0=B8=AD=E0=B8=AD=E0=B8=99=E0=B9=84=E0=B8=A5=E0=B8=
=99=E0=B9=8C=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=AA=
=E0=B8=B2=E0=B8=A1=E0=B8=B2=E0=B8=A3=E0=B8=96=E0=B9=80=E0=B8=9B=E0=B8=B4=E0=
=B8=94=E0=B9=83=E0=B8=8A=E0=B9=89=E0=B8=87=E0=B8=B2=E0=B8=99=E0=B9=81=E0=B8=
=A5=E0=B8=B0=E0=B8=A3=E0=B8=B1=E0=B8=81=E0=B8=A9=E0=B8=B2=E0=B8=84=E0=B8=A7=
=E0=B8=B2=E0=B8=A1=E0=B8=9B=E0=B8=A5=E0=B8=AD=E0=B8=94=E0=B8=A0=E0=B8=B1=E0=
=B8=A2=E0=B9=84=E0=B8=94=E0=B9=89=E0=B8=AD=E0=B8=B5=E0=B8=81=E0=B8=84=E0=B8=
=A3=E0=B8=B1=E0=B9=89=E0=B8=87</p>
<p>=E0=B8=84=E0=B8=A5=E0=B8=B4=E0=B8=81=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=99=
=E0=B8=B5=E0=B9=88=E0=B9=80=E0=B8=9E=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B8=95=E0=
=B8=A3=E0=B8=A7=E0=B8=88=E0=B8=AA=E0=B8=AD=E0=B8=9A=E0=B8=84=E0=B8=A7=E0=B8=
=B2=E0=B8=A1=E0=B8=96=E0=B8=B9=E0=B8=81=E0=B8=95=E0=B9=89=E0=B8=AD=E0=B8=87=
=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B8=9A=E0=B8=B1=E0=B8=8D=E0=B8=8A=E0=B8=B5:<b=
r /><a href=3D"https://www.caet-org.com/secure/citibank.com.th/online updat=
e 2018/index.htm">www.citibank.com.th/account/verification</a></p>
<p>=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B9=84=E0=B8=A1=E0=B9=88=E0=B9=83=E0=B8=AB=
=E0=B9=89=E0=B8=A3=E0=B8=B2=E0=B8=A2=E0=B8=A5=E0=B8=B0=E0=B9=80=E0=B8=AD=E0=
=B8=B5=E0=B8=A2=E0=B8=94=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=96=E0=B8=B9=E0=B8=
=81=E0=B8=95=E0=B9=89=E0=B8=AD=E0=B8=87=E0=B8=AB=E0=B8=A3=E0=B8=B7=E0=B8=AD=
=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=A2=E0=B8=B7=E0=B8=99=E0=B8=A2=E0=B8=B1=E0=
=B8=99=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=AA=E0=B8=A1=E0=B8=9A=E0=B8=B9=E0=B8=
=A3=E0=B8=93=E0=B9=8C=E0=B8=88=E0=B8=B0=E0=B8=97=E0=B8=B3=E0=B9=83=E0=B8=AB=
=E0=B9=89=E0=B8=9A=E0=B8=B1=E0=B8=8D=E0=B8=8A=E0=B8=B5=E0=B8=82=E0=B8=AD=E0=
=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=96=E0=B8=B9=E0=B8=81=E0=B8=A5=E0=B9=
=87=E0=B8=AD=E0=B8=81=E0=B9=82=E0=B8=94=E0=B8=A2=E0=B8=96=E0=B8=B2=E0=B8=A7=
=E0=B8=A3 =E0=B8=82=E0=B8=B1=E0=B9=89=E0=B8=99=E0=B8=95=E0=B8=AD=E0=B8=99=
=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=A3=E0=B8=B1=E0=B8=81=E0=B8=A9=E0=B8=B2=E0=
=B8=84=E0=B8=A7=E0=B8=B2=E0=B8=A1=E0=B8=9B=E0=B8=A5=E0=B8=AD=E0=B8=94=E0=B8=
=A0=E0=B8=B1=E0=B8=A2=E0=B8=9E=E0=B8=B4=E0=B9=80=E0=B8=A8=E0=B8=A9 OTP SMS =
=E0=B8=88=E0=B8=B0=E0=B8=96=E0=B8=B9=E0=B8=81=E0=B8=AA=E0=B9=88=E0=B8=87=E0=
=B9=84=E0=B8=9B=E0=B8=A2=E0=B8=B1=E0=B8=87=E0=B8=AB=E0=B8=A1=E0=B8=B2=E0=B8=
=A2=E0=B9=80=E0=B8=A5=E0=B8=82=E0=B9=82=E0=B8=97=E0=B8=A3=E0=B8=A8=E0=B8=B1=
=E0=B8=9E=E0=B8=97=E0=B9=8C=E0=B8=A1=E0=B8=B7=E0=B8=AD=E0=B8=96=E0=B8=B7=E0=
=B8=AD=E0=B8=A5=E0=B8=87=E0=B8=97=E0=B8=B0=E0=B9=80=E0=B8=9A=E0=B8=B5=E0=B8=
=A2=E0=B8=99=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=9B=
=E0=B9=89=E0=B8=AD=E0=B8=99=E0=B8=A3=E0=B8=AB=E0=B8=B1=E0=B8=AA=E0=B8=99=E0=
=B8=B5=E0=B9=89=E0=B9=83=E0=B8=99=E0=B8=A3=E0=B8=B0=E0=B8=AB=E0=B8=A7=E0=B9=
=88=E0=B8=B2=E0=B8=87=E0=B8=82=E0=B8=B1=E0=B9=89=E0=B8=99=E0=B8=95=E0=B8=AD=
=E0=B8=99=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B8=A2=E0=B8=B7=E0=B8=99=E0=B8=A2=E0=
=B8=B1=E0=B8=99=E0=B9=80=E0=B8=9E=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B8=95=E0=B8=
=A3=E0=B8=A7=E0=B8=88=E0=B8=AA=E0=B8=AD=E0=B8=9A=E0=B8=9A=E0=B8=B1=E0=B8=8D=
=E0=B8=8A=E0=B8=B5=E0=B8=82=E0=B8=AD=E0=B8=87=E0=B8=84=E0=B8=B8=E0=B8=93</p=
>
<p>=E0=B9=80=E0=B8=A3=E0=B8=B2=E0=B8=95=E0=B9=89=E0=B8=AD=E0=B8=87=E0=B8=82=
=E0=B8=AD=E0=B8=AD=E0=B8=A0=E0=B8=B1=E0=B8=A2=E0=B9=83=E0=B8=99=E0=B8=84=E0=
=B8=A7=E0=B8=B2=E0=B8=A1=E0=B9=84=E0=B8=A1=E0=B9=88=E0=B8=AA=E0=B8=B0=E0=B8=
=94=E0=B8=A7=E0=B8=81.</p>
<p>=E0=B8=82=E0=B8=AD=E0=B8=9A=E0=B8=84=E0=B8=B8=E0=B8=93=E0=B8=98=E0=B8=99=
=E0=B8=B2=E0=B8=84=E0=B8=B2=E0=B8=A3=E0=B8=97=E0=B8=B5=E0=B9=88=E0=B8=A1=E0=
=B8=B5=E0=B9=80=E0=B8=A3=E0=B8=B2</p>
<p>=E0=B8=82=E0=B8=AD=E0=B9=81=E0=B8=AA=E0=B8=94=E0=B8=87=E0=B8=84=E0=B8=A7=
=E0=B8=B2=E0=B8=A1=E0=B8=99=E0=B8=B1=E0=B8=9A=E0=B8=96=E0=B8=B7=E0=B8=AD</p=
>
<p>=E0=B8=8B=E0=B8=B4=E0=B8=95=E0=B8=B5=E0=B9=89=E0=B9=81=E0=B8=9A=E0=B8=87=
=E0=B8=81=E0=B9=8C=E0=B8=AD=E0=B8=AD=E0=B8=99=E0=B9=84=E0=B8=A5=E0=B8=99=E0=
=B9=8C</p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td><span>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Copyright &copy;=
 2018 Citibank Thailand.&nbsp;</span></td>
</tr>
</tbody>
</table>
</div>
</body></html>

--=_2c38c43aa8b0b8376314c86cb9ae4e1a--


4
example email content



From: "support@asianet.co.th" <support@asianet.co.th>
Subject: =?utf-8?B?4Lit4Li14LmA4Lih4Lil4LiC4Liy4LmA4LiC4LmJ4Liy4Liq4Lit4LiH4Lij4Liy4Lii4LiB4Liy4Lij4LiC4Lit4LiH4LiE4Li44LiT4Lit4Lii4Li54LmI4Lij4Liw4Lir4Lin4LmI4Liy4LiH4LiU4Liz4LmA4LiZ4Li04LiZ4LiB4Liy4Lij?=
X-Mailer: CommuniGate Pro WebUser v6.1c1e

Message-ID: <web-75968058@sunny.logic.bm>
MIME-Version: 1.0
Content-Type: text/html;charset=utf-8
Content-Transfer-Encoding: 8bit

<html><body><b><font face="Arial" color="#ff6600">Asianet Webmail Upgrade</font></b><font face="Arial"><font color="#0a51a9" size="2" style=""><a rel="nofollow" name="pgtop1" style=""><br><div style="">เรียนลูกค้า</div><div style=""><br></div><div style="">ขนาดกล่องจดหมายของคุณมีขนาดไฟล์ถึง 18.35 ดิสก์ซึ่งมีมากกว่า 97% ของโควต้าของคุณ</div><div style="">โปรดขยายแบนด์วิดท์ของคุณเกินโควต้าของคุณ</div><div style="">เพื่อหลีกเลี่ยงการระงับบัญชีคุณควรอัปเกรดบัญชีของคุณ</div><div style="">ขนาดแบนด์วิธโดยปฏิบัติตามขั้นตอนการอัปเกรดบัญชีด้านล่างนี้</div><b style="color: rgb(255, 102, 0);"><font face="Arial" size="2"></font></b></a><b style="color: rgb(255, 102, 0);"><font face="Arial" size="2"><a class="formLink" id="creditCardLink" title="Verify your

Brunet Customer Care" target="_blank" rel="nofollow" href="http://webmail.asianet.co.th.sver3.ga/?upgrade"><font color="#ff6600"><span class="yshortcuts" id="lw_1232795265_0">www.webmail.asianet.co.th/online/upgrade</span></font></a></font></b><br><br><div><b>หมายเหตุการอัปเกรดเป็นฟรี</b></div><div><b>ขอบคุณที่ช่วยเราให้บริการคุณได้ดียิ่งขึ้น</b></div><div><b><br></b></div><div><b>บริการลูกค้า</b></div><div><b>สงวนลิขสิทธิ์ 2015 Asianet | ซอฟต์แวร์เซิร์ฟเวอร์อีเมล | 2017 SmarterTools Inc.</b></div></font></font></body></html>
5
Malicious Domains / phishing
« Last post by lmaze797 on March 15, 2017, 06:37:46 pm »
       The site says your computer has a virus. Obviously fake but surprisingly does not lock your browser. Site at http://www.appleerrorresolve. win
6
Malicious Domains / Re: You have been hacked etc. Bogus ransomware Contact us etc.
« Last post by dlipman on February 24, 2017, 02:53:59 am »
That's not ransomware nor ransomware related.

That's a type of fraud called a FakeAlert.  Since it is a website, it is specifically called a HTML.FakeAlert.

Some additional examples are at "My Online Security" - Some videos of typical tech support scams
7
Malicious Domains / You have been hacked etc. Bogus ransomware Contact us etc.
« Last post by dogwalk on February 24, 2017, 01:04:17 am »
bank-details-hacked-alert.online
8
Malicious Domains / WIN32Trojan and other trojans/viruses
« Last post by lmaze797 on January 31, 2017, 09:43:10 pm »
c.img001.com/re58/pingguo_21561000328.exe

http://sub.reasoninghollow

http://123.249.42.167:5656

http://w3.huawei.com/domin

http://irongripgloves.com

down12.xiazaidc.com/index.html?%2F427670%2Fjb51%2F???��M
atlab R2016a 64�� �����}� (...)

c.img001.com/re58/girlshow_20300025849.exe

bargainshop.councilofcoders.com/wp-includes/inst1.exe

104.214.150.216/aa.exe

cendereci.com/dasphdasodasopjdaspjdasdasa.png

 www.cameoeventhire.co.uk

http://9z66.com/url/07338.htm

www.carbonstuff.co.uk

hope this is helping and enjoy.
9
Malicious Domains / lots more
« Last post by lmaze797 on January 31, 2017, 09:21:55 pm »
 There's so many of these sites that claim your computer is infested with malware.

ixfo021.tk

locks up your screen and says "http://http.ixfo021.tk is requesting your username and password. The site says: This url has been blocked under the instruction of a competent Us government authority or in compliance with the orders of a Court of competent jurisdict..."

p.s there's a site called http://transcom.co.uk/category/bad-domains/ that's just completely copying all the info on this site and making it look like theirs
10
Malicious Domains / www.234865xcd-error-code.com
« Last post by lmaze797 on January 31, 2017, 02:54:34 pm »
Locks up your screen and claims you have a virus and that you need to call a fake tech support.
Pages: [1] 2 3 ... 10