Phishing PayPal email in my Gmail account

angelchen1111 — Mon, 04 Dec 2006 03:52:49 +0000

I got a phishing spam PayPal email that mimics the address services.paypal.com in my Gmail account, with title “Notification of Limited Account Access,” and a url that asks me to verify my paypal account but pointing to http://www.soios.com/matiz/varios/www.paypal.com/ssl/, which is not paypal’s website. It’s actually from servidor01.mimela.com, not paypal’s server. Here’s part of the heading of the email from the original message, which can be seen in GMail by clicking the arrow next to the reply button and then click “Show original.”
Received: from servidor01.mimela.com ([64.22.85.7]) by mx.google.com with ESMTP id 26si58691192wrl.2006.12.03.18.12.08; Sun, 03 Dec 2006 18:12:08 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning services@paypal.com does not designate 64.22.85.7 as permitted sender) Received: from soios by servidor01.mimela.com with local (Exim 4.52) id 1Gr3KQ-000599-7W for myemail@gmail.com; Mon, 04 Dec 2006 03:13:10 +0100 Content-Type: text/html; charset="iso-8859-1" ............

Message-Id:
Date: Mon, 04 Dec 2006 03:13:10 +0100
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname – servidor01.mimela.com
X-AntiAbuse: Original Domain – gmail.com
X-AntiAbuse: Originator/Caller UID/GID – [32705 32706] / [47 12]
X-AntiAbuse: Sender Address Domain – paypal.com
X-Source:
X-Source-Args:
X-Source-Dir:

Here’s the picture of the email (click for original size):

Copyright © 2008
This feed is for personal, non-commercial use only.
The use of this feed on other websites breaches copyright. If this content is not in your news reader, it makes the page you are viewing an infringement of the copyright. (Digital Fingerprint:
)

Useful tips and stuff that matters » phishing

Phishing PayPal email in my Gmail account