Scam email claims to be from Microsoft

40 Views
Published on 04 Apr 2023 / In Film & Animation

A scam email making the rounds claims to be from Microsoft, informing the recipient that there has been unusual sign-in activity on their account in Russia.

Subscribe to WGAL on YouTube now for more: http://bit.ly/1lIwU2e

Get more Susquehanna Valley news: http://www.wgal.com


KEEPER 2 years ago  

I almost fell for the scam this morning, it came into my personal email, and I wasn't sure if I could trust the link even though it looked official, it's almost like you can't trust any email that comes your way these days because of shit like this.

If it looks like this, don't trust it, access your account from the main web page not through your email.
https://grabber.themetwally.co....m/media_attachments/

   0    0
Life_N_Times_of_Shane_T_Hanson

Open the email as a plain code - in full HTML.....

   0    0
Life_N_Times_of_Shane_T_Hanson

Open the mail as PLAIN TEXT or some other description which shows only code, not an active HTML file

AND you will see legitimate consistencies in the to / from email addresses and in the data in the code and in the links from the email to other sites - usually their own sites

I have stripped all the excess and personally identifying info out of it...

Doing a "who is" is helpful - 10.98.212.170:41293 - then 10.98.212.170. - then ALDI.COM.AU


Delivered-To:
Received: by 2002:7 with SMTP id
Sun, 26 Mar 2023 16:02:45 -0700 (PDT)
X-Google-Smtp-Source: AK7

Sun, 26 Mar 2023
ARC-Seal:

ARC-Message-Signature:
ARC-Authentication-Results:

dkim=pass header.i=@em.aldi.com.au header.s=aldisued header.b=XSOrtggB;
spf=pass (google.com: domain of bounce@em.aldi.com.au designates 63.140.41.181 as permitted sender)

smtp.mailfrom=bounce@em.aldi.com.au;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=aldi.com.au
Return-Path:


DKIM-Signature

X-MSFBL:

Received: from [10.98.212.170] ([10.98.212.170:41293] helo=r180.em.aldi.com.au)
b
From: "ALDI Australia"

Subject: On sale Wed 29 Mar - Home Health Care, Kitchen Essentials & Adult Fashion
Date: Mon, 27 Mar 2023 00:02:43 +0100

Reply-To: "ALDI Australia"
MIME-Version: 1.0


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Basic Searches:


Domain: aldi.com.au
Registrar: Corporation Service Company (Aust) Pty Ltd
Updated On: 2023-02-08
Status: ok
Name Servers: udns2.cscdns.uk, udns1.cscdns.net




Raw Whois Data ====> ALDI.COM.AU

Domain Name: ALDI.COM.AU
Registry Domain ID: D407400000002443569-AU
Registrar WHOIS Server: whois.auda.org.au
Registrar URL: https://www.cscdigitalbrand.services
Last Modified: 2023-02-08T00:01:00Z
Registrar Name: Corporation Service Company (Aust) Pty Ltd
Registrar Abuse Contact Email: email@cscglobal.com
Registrar Abuse Contact Phone: +1.8887802723
Reseller Name:
Status: ok https://afilias.com.au/get-au/....whois-status-codes#o
Registrant Contact ID: Y133447637147694
Registrant Contact Name: ALDI Stores A Limited Partnership
Tech Contact ID: 593622636789e167
Tech Contact Name: DNS Administrator
Name Server: UDNS2.CSCDNS.UK
Name Server: UDNS1.CSCDNS.NET
DNSSEC: unsigned
Registrant: ALDI FOODS PTY LIMITED
Registrant ID: ACN 086210139
Eligibility Type: Company

   0    0
Life_N_Times_of_Shane_T_Hanson

It's the scammer emails that say "It's from Microsoft" and yet the link goes to "https:\\wanker.slutvision.net\" and things like that..... Or they have your email in the address and UNDISCLOSED recipients - like it's not just to YOU and only YOU, and the reply path - goes to some other site that is not Microsoft and or to 20 other email addresses that are NOT Microsoft email addresses -

   0    0