[Ansteorra] URGENT WARNING - Possible hacking or abuse of acceps contact emails

Haraldr Bassi ansteorra at haraldr.drakkar.org
Tue Aug 2 12:56:18 PDT 2011


Greetings,

I've just received nine emails directly to a unique email address that I use exclusively for 
acceps payments. They imply a security issue that is being investigated (basic phishing 
attempt). I wouldn't follow any of the links in their email.

Delivery headers indicate a failed delivery SPF sender verification:

Received-SPF: fail (mxus0: domain of moneybookers.com does not designate 199.107.0.138 as 
permitted sender) client-ip=199.107.0.138; envelope-from=security at moneybookers.com; 
helo=ISAS.networkengines.com;
Received: from ISAS.networkengines.com ([199.107.0.138])
	by mx.perfora.net (node=mxus0) with ESMTP (Nemesis)
	id 0MEH1k-1QYrvq01c0-00FbTa for acceps at haraldr.drakkar.org; Tue, 02 Aug 2011 12:57:34 -0400
Received: from ISAS.networkengines.com ([127.0.0.1]) by ISAS.networkengines.com with Microsoft 
SMTPSVC(7.0.6001.18485);
	 Tue, 2 Aug 2011 12:57:30 -0400


And I really suspect that we aren't using a UK based processing company for acceps:

  Moneybookers Ltd., London, Registered in England and Wales no 4260907.
  Registered office: Welken House - 10 - 11 Charterhouse Square, London, EC1=
M 6EH,
  United Kingdom. Authorised and regulated by the Financial Services Authori=
ty of the United Kingdom (FSA).


Be wary,
Haraldr Bassi



More information about the Ansteorra mailing list