SPAM: Notification of Limited Account Access
<HTML> <HEAD> <xmeta NAME="GENERATOR" Content="Microsoft DHTML Editing Control"> <TITLE></TITLE> </HEAD> <STYLE type=text/css> #message .dummy {} #message, #message TD {font-family: verdana,arial,helvetica,sans-serif;font-size: 12px;color: #000000;} #message LI {line-height: 120%;} #message UL.ppsmallborder {margin:10px 5px 10px 20px;} #message LI.ppsmallborderli {margin:0px 0px 5px 0px;} #message UL.pp_narrow {margin:10px 5px 0px 40px;} #message hr.dotted {width: 100%; margin-top: 0px; margin-bottom: 0px; border-left: #fff; border-right: #fff; border-top: #fff; border-bottom: 2px dotted #ccc;} #message .pp_label {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;font-weight: bold;color: #000000;} #message .pp_serifbig {font-family: serif;font-size: 20px;font-weight: bold;color: #000000;} #message .pp_serif{font-family: serif;font-size: 16px;color: #000000;} #message .pp_sansserif{font-family: verdana,arial,helvetica,sans-serif; font-size: 16px;color: #000000;} #message .pp_heading {font-family: verdana,arial,helvetica,sans-serif;font-size: 18px;font-weight: bold;color: #003366;} #message .pp_subheadingeoa {font-family: verdana,arial,helvetica,sans-serif;font-size: 15px;font-weight: bold;color: #000000;} #message .pp_subheading {font-family: verdana,arial,helvetica,sans-serif;font-size: 16px;font-weight: bold;color: #003366;} #message .pp_sidebartext {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #003366;} #message .pp_sidebartextbold {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;font-weight: bold;color: #003366;} #message .pp_footer {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #aaaaaa;} #message .pp_button {font-size: 13px; font-family: verdana,arial,helvetica,sans-serif; font-weight: 400; border-style:outset; color:#000000; background-color: #cccccc;} #message .pp_smaller {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;color: #000000;} #message .pp_smallersidebar {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;color: #003366;} #message .ppem106 {font-weight: 700;} </STYLE> <TABLE cellSpacing=0 cellPadding=0 width=600 align=center border=0> <TBODY> <TR vAlign=top> <TD><IMG height=35 alt=PayPal src="http://images.paypal.com/en_US/i/logo/email_logo.gif" width=255 border=0></TD> </TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD width="100%" background=http://images.paypal.com/images/bg_clk.gif> <IMG height=29 src="http://images.paypal.com/images/pixel.gif" width=1 border=0></TD></TR> <TR> <TD><IMG height=10 src="http://images.paypal.com/images/pixel.gif" width=1 border=0></TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width=600 align=center border=0> <TBODY> <TR vAlign=top> <TD width=400> <TABLE cellSpacing=0 cellPadding=5 width="100%" border=0> <TBODY> <TR> <TD><p>Dear suse-security@suse.com, </p> <p>As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:<BR> <BR> We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.<BR> <BR> Case ID Number: PP-119-654-452<BR> <BR> For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.<BR> <BR> To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center.<BR> <BR> <BR> </p> <TABLE cellSpacing=0 cellPadding=1 width="75%" align=left bgColor=#ffe65c border=0> <TBODY> <TR> <TD> <TABLE cellSpacing=0 cellPadding=4 width="100%" align=center bgColor=#fffecd border=0> <TBODY> <TR> <TD class=pp_sansserif align=middle><A target="_blank" href="http://rrcs-24-213-195-117.nys.biz.rr.com:81/" onclick="return ShowLinkWarning()" >Click here to verify your account</A></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <p><BR> <BR> <BR> If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.</p> <p> We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience. <BR> <BR></p> <table cellspacing="0" cellpadding="0"> <tr> <td><p>Sincerely,</p></td> </tr> <tr> <td>PayPal Account Review Department </td> </tr> <tr> </tr> </table></TD></TR> <TR> <TD> <HR class=dotted></TD></TR> <TR> <TD><SPAN class=pp_footer>PayPal Email ID PP697</SPAN></TD></TR></TABLE></TD> <TD><IMG height=1 src="http://images.paypal.com/en_US/i/scr/pixel.gif" width=10 border=0></TD> <TD vAlign=top width=190> </HTML>
what a bunch of retards these phishers are. The HTML wasn't even tested ;O) --- "PayPal Inc." <service@paypal.com> wrote:
<HTML> <HEAD> <xmeta NAME="GENERATOR" Content="Microsoft DHTML Editing Control"> <TITLE></TITLE> </HEAD> <STYLE type=text/css> #message .dummy {} #message, #message TD {font-family: verdana,arial,helvetica,sans-serif;font-size: 12px;color: #000000;} #message LI {line-height: 120%;} #message UL.ppsmallborder {margin:10px 5px 10px 20px;} #message LI.ppsmallborderli {margin:0px 0px 5px 0px;} #message UL.pp_narrow {margin:10px 5px 0px 40px;} #message hr.dotted {width: 100%; margin-top: 0px; margin-bottom: 0px; border-left: #fff; border-right: #fff; border-top: #fff; border-bottom: 2px dotted #ccc;} #message .pp_label {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;font-weight: bold;color: #000000;} #message .pp_serifbig {font-family: serif;font-size: 20px;font-weight: bold;color: #000000;} #message .pp_serif{font-family: serif;font-size: 16px;color: #000000;} #message .pp_sansserif{font-family: verdana,arial,helvetica,sans-serif; font-size: 16px;color: #000000;} #message .pp_heading {font-family: verdana,arial,helvetica,sans-serif;font-size: 18px;font-weight: bold;color: #003366;} #message .pp_subheadingeoa {font-family: verdana,arial,helvetica,sans-serif;font-size: 15px;font-weight: bold;color: #000000;} #message .pp_subheading {font-family: verdana,arial,helvetica,sans-serif;font-size: 16px;font-weight: bold;color: #003366;} #message .pp_sidebartext {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #003366;} #message .pp_sidebartextbold {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;font-weight: bold;color: #003366;} #message .pp_footer {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #aaaaaa;} #message .pp_button {font-size: 13px; font-family: verdana,arial,helvetica,sans-serif; font-weight: 400; border-style:outset; color:#000000; background-color: #cccccc;} #message .pp_smaller {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;color: #000000;} #message .pp_smallersidebar {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;color: #003366;} #message .ppem106 {font-weight: 700;} </STYLE>
<TABLE cellSpacing=0 cellPadding=0 width=600 align=center border=0> <TBODY> <TR vAlign=top> <TD><IMG height=35 alt=PayPal
src="http://images.paypal.com/en_US/i/logo/email_logo.gif"
width=255 border=0></TD> </TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD width="100%"
background=http://images.paypal.com/images/bg_clk.gif>
<IMG height=29 src="http://images.paypal.com/images/pixel.gif" width=1 border=0></TD></TR> <TR> <TD><IMG height=10 src="http://images.paypal.com/images/pixel.gif" width=1 border=0></TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width=600 align=center border=0> <TBODY> <TR vAlign=top> <TD width=400> <TABLE cellSpacing=0 cellPadding=5 width="100%" border=0> <TBODY> <TR> <TD><p>Dear suse-security@suse.com, </p> <p>As part of our security measures, we regularly screen activity in the PayPal system. We recently noticed the following issue on your account:<BR> <BR> We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.<BR> <BR> Case ID Number: PP-119-654-452<BR> <BR> For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.<BR> <BR> To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center.<BR> <BR> <BR> </p> <TABLE cellSpacing=0 cellPadding=1 width="75%" align=left bgColor=#ffe65c border=0> <TBODY> <TR> <TD> <TABLE cellSpacing=0 cellPadding=4 width="100%" align=center bgColor=#fffecd border=0> <TBODY> <TR> <TD class=pp_sansserif align=middle><A target="_blank" href="http://rrcs-24-213-195-117.nys.biz.rr.com:81/" onclick="return ShowLinkWarning()" >Click here to verify your
account</A></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE>
<p><BR> <BR> <BR> If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.</p> <p> We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience. <BR> <BR></p> <table cellspacing="0" cellpadding="0"> <tr> <td><p>Sincerely,</p></td> </tr> <tr> <td>PayPal Account Review Department </td> </tr> <tr>
</tr> </table></TD></TR> <TR> <TD> <HR class=dotted></TD></TR> <TR> <TD><SPAN class=pp_footer>PayPal Email ID PP697</SPAN></TD></TR></TABLE></TD> <TD><IMG height=1 src="http://images.paypal.com/en_US/i/scr/pixel.gif" width=10 border=0></TD> <TD vAlign=top width=190>
</HTML>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2006-03-22 at 07:57 -0000, globox wrote:
what a bunch of retards these phishers are. The HTML wasn't even tested
;O)
How did that get through SuSE SpamAssassin, I wonder? Mine gave it a score of 20... and so did SuSE's: X-Spam-Status: Yes, hits=22.0 tagged_above=-20.0 required=5.0 tests=BAYES_99, DNS_FROM_RFC_ABUSE, FORGED_MUA_OIMO, FORGED_RCVD_HELO, HTML_MESSAGE, HTML_MISSING_CTYPE, HTML_TITLE_EMPTY, MIME_BOUND_DD_DIGITS, MISSING_MIMEOLE, MSGID_SPAM_CAPS, RCVD_IN_BL_SPAMCOP_NET, SPOOF_OURI, UNPARSEABLE_RELAY X-Spam-Level: ********************* X-Spam-Flag: YES - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEIR+ftTMYHG2NR9URApvmAJ92zpUqo7L4bt3z0lUkcKtMCGVioQCfe/WU JEZ7DuAJ/mL6uY6OJCpE818= =lu6W -----END PGP SIGNATURE-----
perhaps because the HTML was badly formed, spam assassin got confused, lost track of what was good/bad and gave up? one for the vendor to look at. --- "Carlos E. R." <robin1.listas@tiscali.es> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Wednesday 2006-03-22 at 07:57 -0000, globox wrote:
what a bunch of retards these phishers are. The HTML wasn't even tested
;O)
How did that get through SuSE SpamAssassin, I wonder? Mine gave it a score of 20... and so did SuSE's:
X-Spam-Status: Yes, hits=22.0 tagged_above=-20.0 required=5.0 tests=BAYES_99, DNS_FROM_RFC_ABUSE, FORGED_MUA_OIMO, FORGED_RCVD_HELO, HTML_MESSAGE, HTML_MISSING_CTYPE, HTML_TITLE_EMPTY, MIME_BOUND_DD_DIGITS, MISSING_MIMEOLE, MSGID_SPAM_CAPS, RCVD_IN_BL_SPAMCOP_NET, SPOOF_OURI, UNPARSEABLE_RELAY X-Spam-Level: ********************* X-Spam-Flag: YES
- -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76
iD8DBQFEIR+ftTMYHG2NR9URApvmAJ92zpUqo7L4bt3z0lUkcKtMCGVioQCfe/WU
JEZ7DuAJ/mL6uY6OJCpE818= =lu6W -----END PGP SIGNATURE-----
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
On Wed, Mar 22, 2006 at 10:57:50AM +0100, Carlos E. R. wrote:
The Wednesday 2006-03-22 at 07:57 -0000, globox wrote:
what a bunch of retards these phishers are. The HTML wasn't even tested
;O)
How did that get through SuSE SpamAssassin, I wonder? Mine gave it a score of 20... and so did SuSE's:
X-Spam-Status: Yes, hits=22.0 tagged_above=-20.0 required=5.0 tests=BAYES_99, DNS_FROM_RFC_ABUSE, FORGED_MUA_OIMO, FORGED_RCVD_HELO, HTML_MESSAGE, HTML_MISSING_CTYPE, HTML_TITLE_EMPTY, MIME_BOUND_DD_DIGITS, MISSING_MIMEOLE, MSGID_SPAM_CAPS, RCVD_IN_BL_SPAMCOP_NET, SPOOF_OURI, UNPARSEABLE_RELAY X-Spam-Level: ********************* X-Spam-Flag: YES
The mailinglist do not have spam filtering, because they are susbcriber-only. The problem is more that service@paypal.com was subscribed (likely due to ezmlm braindead acknowledging the paypal.com bounces as confirmation). I have unsubscribed all the service@paypal.com style addresses :/ Ciao, Marcus
participants (4)
-
Carlos E. R. -
globox -
Marcus Meissner -
PayPal Inc.