GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Klen · 08-06-2012, 02:45 AM

Just got mail with following content:
Canceled Transfer

Transfer id:
48369

Reason for rejection
View details in the report below

Transfer report
(url leading to some in domain) report_43237.pdf.exe (self-extracting archive, Adobe PDF)

13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171, (703) 561-1100

2012 NACHA - The Electronic Payments Association
It's obvious how it's phishing since it's url leading to exe file plus in extension domain,really lame attempt to install malware into computer.But the real question is,how did they got e-mail adress?Since i use that e-mail only for ccbill sponsors,so it's seems some sponsor db could be compromised.I suppose i really need to use unique mail for each sponsor to know who exactly is compromised in such situations.
Here i pasted full message source:
http://pastebin.com/1a073pZy

08-06-2012, 02:45 AM
Klen Industry Role: Join Date: Aug 2006 Location: Little Vienna Posts: 32,235	Lame phising mail Just got mail with following content: Canceled Transfer Transfer id: 48369 Reason for rejection View details in the report below Transfer report (url leading to some in domain) report_43237.pdf.exe (self-extracting archive, Adobe PDF) 13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171, (703) 561-1100 2012 NACHA - The Electronic Payments Association It's obvious how it's phishing since it's url leading to exe file plus in extension domain,really lame attempt to install malware into computer.But the real question is,how did they got e-mail adress?Since i use that e-mail only for ccbill sponsors,so it's seems some sponsor db could be compromised.I suppose i really need to use unique mail for each sponsor to know who exactly is compromised in such situations. Here i pasted full message source: http://pastebin.com/1a073pZy