dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
7

sm5w2
Premium Member
join:2004-10-13
St Thomas, ON

sm5w2 to Ontario

Premium Member

to Ontario

Re: WARNING -> fake MyBell credit-card-declined spam

Received: from bas1-toronto50-1279677772.dsl.bell.ca (HELO WINSSIL7N84M2Bgateway2wirenet) ([76.70.85.76])

76.70.85.76 = bas1-toronto50-1279677772.dsl.bell.ca

It's a hacked computer, a Bell customer. Someone from Bell needs to come here and explain why they are incapable of detecting this FORM LETTER that their mail servers accept from from infected customers and pass it on to other customers.

These fraud attempt emails have the same format, the same wording and phrases. Why can't their spam filters catch this?

Why can't their servers detect an inordinate amount of SMTP activity coming from these infected systems?

Ontario
@bell.ca

Ontario

Anon

The odd thing about that phishing message is the email address that received it. It's a sympatico.ca address that I created specifically to use when registering an account with Sony Online Entertainment over 10 years ago, and haven't used it for anything else. So how did the hacked machine get that address? So far the address gets 0 spam...hope that isn't about to change.
Ontario

Ontario

Anon

New one targeting BMO customers.

Received: from barion18-1242538297.sdsl.bell.ca (HELO memmento.com) ([74.15.161.57])
by toip36-bus.srvr.bell.ca with ESMTP; 19 Aug 2013 09:28:20 -0400
Return-Path: bmomontreal@cox.net

Dear Customer,
Your account has been SUSPENDED, as an error was detected on your profile
The reason for the error might be:
1. You have changed your billing address.
2. You have Submitted incorrect information during bill payment process.
3. Your credit/debit card has expired.
4. You didn't update your BMO profile.
We need you to update your information here. [links to multiserviciosalfil.com/calendar/tools/index.php]

Thank you for your cooperation