API tools faq
paste
wavellan

20221208_PHISHING_SCAM_1

wavellan
Dec 8th, 2022
482
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.26 KB | None | 0 0
raw download clone embed print report
  1. Hello,
  2.  
  3. We’ve recently detected some suspicious activity on your Square account. We want to make sure that your account is safe, so we have temporarily disabled it until we can get in touch with you directly.
  4. We’re here to help you get back up and running. Please respond to this information request. squareup.com/login?ID923120709 (http[:]//66799.eagles-roost.com/) as soon as possible, and we’ll review it and reset it instantly.
  5.  
  6. Sincerely,
  7. The Square Secure Team
  8.  
  9.  
  10.  
  11.  
  12. Received: from CO6PR05MB7651.namprd05.prod.outlook.com (2603:10b6:5:340::9) by
  13. MWHPR0501MB3899.namprd05.prod.outlook.com with HTTPS; Thu, 8 Dec 2022
  14. 14:06:30 +0000
  15. Received: from MW4PR04CA0098.namprd04.prod.outlook.com (2603:10b6:303:83::13)
  16. by CO6PR05MB7651.namprd05.prod.outlook.com (2603:10b6:5:340::9) with
  17. Microsoft SMTP Server (version=TLS1_2,
  18. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.8; Thu, 8 Dec
  19. 2022 14:06:29 +0000
  20. Received: from MW2NAM12FT075.eop-nam12.prod.protection.outlook.com
  21. (2603:10b6:303:83:cafe::1) by MW4PR04CA0098.outlook.office365.com
  22. (2603:10b6:303:83::13) with Microsoft SMTP Server (version=TLS1_2,
  23. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.16 via Frontend
  24. Transport; Thu, 8 Dec 2022 14:06:29 +0000
  25. Authentication-Results: spf=pass (sender IP is 209.85.221.193)
  26. smtp.mailfrom=kean.edu; dkim=pass (signature was verified)
  27. header.d=kean.edu;dmarc=pass action=none header.from=kean.edu;compauth=pass
  28. reason=100
  29. Received-SPF: Pass (protection.outlook.com: domain of kean.edu designates
  30. 209.85.221.193 as permitted sender) receiver=protection.outlook.com;
  31. client-ip=209.85.221.193; helo=mail-vk1-f193.google.com; pr=C
  32. Received: from mail-vk1-f193.google.com (209.85.221.193) by
  33. MW2NAM12FT075.mail.protection.outlook.com (10.13.181.223) with Microsoft SMTP
  34. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
  35. 15.20.5924.4 via Frontend Transport; Thu, 8 Dec 2022 14:06:29 +0000
  36. Received: by mail-vk1-f193.google.com with SMTP id v81so656140vkv.5
  37. for <>; Thu, 08 Dec 2022 06:06:29 -0800 (PST)
  38. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  39. d=kean.edu; s=google;
  40. h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
  41. :date:message-id:reply-to;
  42. bh=wTqs+Tx62ukz+N8sMehrA6jjXssXYBI8ghxIK3snnZw=;
  43. b=DFkTlKzOwGZlR74Vwi8f1heYKEfCFHha0tak4KjpBC5tE9bJFF8T1RPG7Kd899w1pq
  44. XG4VwxnHd0Zhm34SXkM/InZNzv/vdcgoPHEAMm+SgMxWkeY9B+00tpSVVVA7WztMLpmV
  45. yWktPS6djwaLEN2BTW+lP9apftFSaEac7AGRc=
  46. X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  47. d=1e100.net; s=20210112;
  48. h=to:subject:message-id:date:from:mime-version:x-gm-message-state
  49. :from:to:cc:subject:date:message-id:reply-to;
  50. bh=wTqs+Tx62ukz+N8sMehrA6jjXssXYBI8ghxIK3snnZw=;
  51. b=Y+1jDHRg5xE+5gkKDh/v4SbdVi7STr/l5T/B7jhyKp9ICUPxK8iDI2M6nvcWpekYk5
  52. FHC3LioeczVsCn5XyufbDpe7LVlPprLHn9SENgyYyo9HcHiY41VWSQb6MD9wd04Q9DOH
  53. JuYpxPx3j9Yf49YKQm64o51xNeH5NxHgerbfwvg2aFMOGKVtyWAiexP9IEkmnh6c2QaN
  54. 1brsTekOvyzRsRIeSBu/9a2WQYdKoG/GeX4xH7glh3l6BpNkkRTQ7sajKUNT56oyKVCj
  55. fmFiYe/xjP1knPUTGDtk/alRO10/RGvK3awCaq3eCQCt3sHlHP6kjW+tpcpxWP20EL7a
  56. 9jBA==
  57. X-Gm-Message-State: ANoB5plvkpKyy3nt7DtzHdQqUNp868iFNokyOTxqgh+hq5gRC8x1JKI/
  58. OVTSdsRbHEl/2ncnP71iy3j4b9XIylmrJgBgDUj3zg==
  59. X-Google-Smtp-Source: AA0mqf6v2qts3b2WSYUdlZe8RSMxMLuhSgGq+eEpzUaBjT8CoWAt/RObf/CX0hzFNulV5oQCaoDqRP9x9AuW/IJZXXY=
  60. X-Received: by 2002:a1f:edc6:0:b0:3bc:b66b:fe7 with SMTP id
  61. l189-20020a1fedc6000000b003bcb66b0fe7mr34291154vkh.20.1670508387807; Thu, 08
  62. Dec 2022 06:06:27 -0800 (PST)
  63. MIME-Version: 1.0
  64. From: Squareup 39 <[email protected]>
  65. Date: Thu, 8 Dec 2022 06:06:09 -0800
  66. Message-ID: <CANzoNKoLc8sB3bKkoKmQ8tyB50mr_DC=J=qakGMxj+BnSHQq0Q@mail.gmail.com>
  67. Subject: Your account is on hold
  68. To: Square <[email protected]>
  69. Bcc:
  70. Return-Path: [email protected]
  71. X-MS-Exchange-Organization-ExpirationStartTime: 08 Dec 2022 14:06:29.4059
  72. (UTC)
  73. X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
  74. X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
  75. X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
  76. X-MS-Exchange-Organization-Network-Message-Id:
  77. 3a63ba3d-35ff-4661-5073-08dad9256728
  78. X-EOPAttributedMessage: 0
  79. X-EOPTenantAttributedMessage: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a:0
  80. X-MS-Exchange-Organization-MessageDirectionality: Incoming
  81. X-MS-PublicTrafficType: Email
  82. X-MS-TrafficTypeDiagnostic: MW2NAM12FT075:EE_|CO6PR05MB7651:EE_
  83. X-MS-Exchange-Organization-AuthSource:
  84. MW2NAM12FT075.eop-nam12.prod.protection.outlook.com
  85. X-MS-Exchange-Organization-AuthAs: Anonymous
  86. X-MS-Office365-Filtering-Correlation-Id: 3a63ba3d-35ff-4661-5073-08dad9256728
  87. X-MS-Exchange-Organization-SCL: 1
  88. X-Microsoft-Antispam: BCL:0;
  89. X-Forefront-Antispam-Report:
  90. CIP:209.85.221.193;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail-vk1-f193.google.com;PTR:mail-vk1-f193.google.com;CAT:NONE;SFS:(13230022)(451199015)(5660300002)(33964004)(6862004)(75432002)(83080400003)(9686003)(26005)(8676002)(86362001)(356005)(55446002)(336012)(166002)(7596003)(7636003)(42186006)(83380400001)(1096003)(6666004)(15650500001)(84970400001)(11970500018);DIR:INB;
  91. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Dec 2022 14:06:29.3434
  92. (UTC)
  93. X-MS-Exchange-CrossTenant-Network-Message-Id: 3a63ba3d-35ff-4661-5073-08dad9256728
  94. X-MS-Exchange-CrossTenant-Id: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a
  95. X-MS-Exchange-CrossTenant-AuthSource:
  96. MW2NAM12FT075.eop-nam12.prod.protection.outlook.com
  97. X-MS-Exchange-CrossTenant-AuthAs: Anonymous
  98. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
  99. X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR05MB7651
  100. X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.2246857
  101. X-MS-Exchange-Processed-By-BccFoldering: 15.20.5880.016
  102. X-Microsoft-Antispam-Mailbox-Delivery:
  103. ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(930097);
  104. X-Microsoft-Antispam-Message-Info:
  105.  
  106. Content-type: multipart/alternative;
  107. boundary="B_3753344251_1788315488"
  108.  
  109. > This message is in MIME format. Since your mail reader does not understand
  110. this format, some or all of this message may not be legible.
  111.  
  112. --B_3753344251_1788315488
  113. Content-type: text/plain;
  114. charset="UTF-8"
  115. Content-transfer-encoding: quoted-printable
  116.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!