An
Email with the Subject "AccountCentral Alert Credit limit reached or exceeded" was
received in one of Scamdex's honeypot email accounts on Thu, 14 Aug 2008 10:13:36 -0700
and has been classified as a Generic Scam Email.
The sender shows as "service@paypal.com" <rmills@gasgiant.websiteactive.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
Scam TagCloud
assistancegaspaypal.compaypalcreditverificationendedwinaccountnotificationrecordsserviceaccesssentonlinemailreference will securityachfor assistance
NO CHART DATA - EMAIL HAS NOT YET BEEN ANALYSED
Scam Email Headers
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => scams@scamdex.com
[delivery-date:] => Thu, 14 Aug 2008 10:13:36 -0700
[received:] => Array
(
[0] => from smh01.opentransfer.com ([71.18.216.112])by gogol.o7e.net with esmtp (Exim 4.69)(envelope-from )id 1KTgOD-0005bP-KMfor scams@scamdex.com; Thu, 14 Aug 2008 10:13:36 -0700
[1] => by smh01.opentransfer.com (Postfix, from userid 8)id 7F0881030154; Thu, 14 Aug 2008 13:12:23 -0400 (EDT)
[2] => from web113.opentransfer.com (web113.opentransfer.com [72.41.223.243])by smh01.opentransfer.com (Postfix) with ESMTP id 5E6CC1030151for ; Thu, 14 Aug 2008 13:12:23 -0400 (EDT)
[3] => from web113.opentransfer.com (localhost [127.0.0.1])by web113.opentransfer.com (8.12.11.20060308/8.12.11) with ESMTP id m7EHDant012942for ; Thu, 14 Aug 2008 12:13:36 -0500
[4] => (from httpd@localhost)by web113.opentransfer.com (8.12.11.20060308/8.12.11) id m7EHDaWJ012928;Thu, 14 Aug 2008 12:13:36 -0500
)
[x-spam-checker-version:] => SpamAssassin 3.2.4 (2008-01-01) onsmh01.opentransfer.com
[x-spam-level:] => ***
[x-spam-status:] => Array
(
[0] => No, score=3.2 required=5.0 tests=HTML_MESSAGE,MIME_HTML_ONLY,TVD_PH_REC autolearn=disabled version=3.2.4
[1] => No, score=1.7
)
[x-opentransfer-url:] => http://nassons.com/quixplorer/FF.php
[date:] => Thu, 14 Aug 2008 12:13:36 -0500
[to:] => scams@scamdex.com
[subject:] => AccountCentral Alert Credit limit reached or exceeded
[from:] => "service@paypal.com"
[x-mailer:] => <1307462657.140@gasgiant.websiteactive.com>
[mime-version:] => 1.0
[content-type:] => text/html
[content-transfer-encoding:] => quoted-printable
[x-spam-score:] => 17
[x-spam-bar:] => +
[x-spam-flag:] => NO
[message-id:] => REIDs3x1239839803.M411374P32690V-S3X
[x-scamdex-scores:] => S:53 P:57 A:59 L:47 E:49 G:44
[x-scamdex-classtype:] => A
[x-scamdex-classscore:] => 59
[x-scamdex-totscore:] => 309
[x-scamdex-kw:] => God,\%,access,account,agent,assistance,check,credit,ended,notification,paypal,records,sent,service,user,verification
[x-scamdex-em:] => httpd@localhost,service@paypal.com
[x-scamdex-dir:] => C
[x-scamdex-id:] => C1239839803.M411374P32690V
[x-scamdex-copyright:] => This Email is Copyright Scamdex.com 2009, Reproduction Prohibited
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
Security
Assistance
It has come to our attention that your account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.
.
However, failure to update your records until 20 August 2008 your account considered as suspension.
Please update your records as soon as this email being sent.
Our system requires further account
verification.
Case ID Number: PP-462-805-057
Once you have updated your account records, your session will not be
interrupted and will continue as normal. as
soon as possible. Allowing your account access to remain
limited for an extended period of
time may result in further limitations on
the use of your account and possible account
closure.
Click here to update your account
You can also confirm your identity by logging into your PayPal account
at Click here.
Thank you for using PayPal!
The PayPal Team
Please do
not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log
in to your PayPal account and choose the "Help" link in the footer of
any page.
To receive email notifications in plain text
instead of HTML, update
your preferences here.
PayPal Email ID PP64582
