| |

Ultra-sneaky dangerous e-mail.

FCRO Subsection: 
Editorial Staff

This might just be the e-mail that launches a million problems, or more. It is incredibly simple and extremely sneaky. And it passes some anti-spam filters.

Apparently from: Leif Tufvesson (caresto@telia.com)
return path: caresto@telia.com
Sending DNS:
SPF Warning: transitioning domain of telia.com does not designate
Caresto.se is the domain of a legitimate business in northern Sweden.
The name and telephone numbers are genuine.
There is no doubt that the company is not responsible for this mail.
Telia.com is a Swedish telco which provides a webmail service with a non-verified indentities.

Dear Sir,
The invoice is now paid. see attached file.
Best regards,

Leif Tufvesson
leif@caresto.se[Links to mailto:leif@caresto.se] | +46(0)431 230 75 | +46(0)70 550 43 15
www.caresto.se[Links to http://www.caresto.se/]


From domain telia.com
Domain Name: TELIA.COM
Registry Domain ID: 4400264_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.corporatedomains.com
Registrar URL: http://www.cscglobal.com/globa...
Updated Date: 2019-08-14T05:23:27Z
Creation Date: 1995-08-19T04:00:00Z
Registry Expiry Date: 2020-08-18T04:00:00Z
Registrar: CSC Corporate Domains, Inc.
Registrar IANA ID: 299
Registrar Abuse Contact Email: domainabuse@cscglobal.com
Registrar Abuse Contact Phone: 8887802723
Domain Status: clientTransferProhibited https://icann.org/epp#clientTr...
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDe...
Domain Status: serverTransferProhibited https://icann.org/epp#serverTr...
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUp...
Name Server: DNS1.TELIA.COM
Name Server: DNS2.TELIA.COM
Name Server: DNS49.DE.TELIA.NET
Name Server: NS02.SAVVIS.NET
DNSSEC: unsigned

For obvious reasons of security, we have not opened the attached document.

---------------- Advertising ----------------

| | |