API tools faq
paste
Advertisement
wavellan

20200924_PHISHING_SCAM_1

wavellan
Sep 25th, 2020
413
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.56 KB | None | 0 0
raw download clone embed print report
  1. Dear Staff,
  2.  
  3. As we are preparing to enter the new phase of COVID-19 level. IT Helpdesk has introduced the Alert System to manage and minimize the risk of COVID-19. All Staff are required to Login COVID-19 Alert System to see their tasks and schedules.
  4.  
  5. To access, Click on COVID-19 Alert System
  6.  
  7. Take care and keep safe.
  8.  
  9. Sincerely,
  10. IT Helpdesk
  11. ©2020 All rights reserved
  12.  
  13.  
  14.  
  15.  
  16. Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by
  17. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  18. id 15.0.1497.2 via Mailbox Transport; Thu, 24 Sep 2020 14:01:29 -0500
  19. Received: from MBX09C-ORD1.mex08.mlsrvr.com (172.29.9.34) by
  20. MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS)
  21. id 15.0.1497.2; Thu, 24 Sep 2020 14:01:28 -0500
  22. Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by
  23. MBX09C-ORD1.mex08.mlsrvr.com (172.29.9.34) with Microsoft SMTP Server (TLS)
  24. id 15.0.1497.2 via Frontend Transport; Thu, 24 Sep 2020 14:01:28 -0500
  25. Return-Path: <[email protected]>
  26. X-Spam-Threshold: 95
  27. X-Spam-Score: 100
  28. Precedence: junk
  29. X-Spam-Flag: YES
  30. Authentication-Results: smtp1.gate.ord1d.rsapps.net x-tls.subject="/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com"; auth=pass (cipher=AES256-GCM-SHA384)
  31. X-Virus-Scanned: OK
  32. X-Orig-To:
  33. X-Originating-Ip: [40.107.92.68]
  34. Authentication-Results: smtp1.gate.ord1d.rsapps.net; iprev=pass policy.iprev="40.107.92.68"; spf=pass smtp.mailfrom="[email protected]" smtp.helo="nam10-bn7-obe.outbound.protection.outlook.com"; dkim=pass header.d=bcsdny.onmicrosoft.com; dmarc=none (p=nil; dis=none) header.from=bcsdny.org
  35. X-Suspicious-Flag: NO
  36. X-Classification-ID: 59a85bd8-fe98-11ea-bc8f-5254002d775b-1-1
  37. Received: from [40.107.92.68] ([40.107.92.68:45607] helo=NAM10-BN7-obe.outbound.protection.outlook.com)
  38. by smtp1.gate.ord1d.rsapps.net (envelope-from <[email protected]>)
  39. (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=AES256-GCM-SHA384
  40. subject="/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com")
  41. id F3/1F-23346-80DEC6F5; Thu, 24 Sep 2020 15:01:28 -0400
  42. ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
  43. b=iTszFNNM2GHVfXHAmNe/WHCaRPkG/WXhumvNBKWuStRVjoDzdrIQw5UHFq9kkyfKzNmljj0lVmYupZojT8W0GJ3DLQqTXFON4KekoMMwDjayrWBL7a3Vbl9KrMpQjImCxJzVshS9wEQCKeZx4SsqFv1t9E2KE/+kcB4ECjkFGL8AEBRemZpgrgbZIWqy9mlVCrxxZ1f+YjK6wJcIiGCNzUQ5zdexBZbx5eQPVdNyMtSwc7YYvvJRniWayfgiV451iqXJ6uV56SGNdLs/kDzN8hwvZbJ2DLCHCvelBM0i/mzWyDpQ3JZMGU4ZSRoPLQi3WbihotRuHLC61YqstzOmYw==
  44. ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
  45. s=arcselector9901;
  46. h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
  47. bh=k8bWES4vDkcpk/d16MX+leKhv4iO5xmBoiT2xL8aQYE=;
  48. b=gxcxVwbst/gFwxfm+rINy9xROD+BpP/WIU8VEEvoniRiXqSVeCVaUx3Yh938K5aRVZMMKn40SEHNBigC/a1gQ07aE5+Kk7ysQAa1BlrzpKSItKA4lnENRRhWbiXJ7pcluxvLI/Pv6CEOFhQD+8l32h4nKtJXW9IdjCQia1JI5Ch9K/vGVjK44zEgXdfRnkZBWjKxC4DlHfNf38NQWZf6wvcjmZ6nLYAO5mX6fNA7LqSsA+1SHQdYuUm0jg7T1mgd4zKOKP3RUIv5SuVRtdN9mWpboMPlWtvnNa06slKMaVMyUe4a5Q+TAdWwf2HNK9nofhjA1KjvOLVETWC9szRAOQ==
  49. ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip
  50. is 69.74.165.153) smtp.rcpttodomain=suttonmail.org smtp.mailfrom=bcsdny.org;
  51. dmarc=none action=none header.from=bcsdny.org; dkim=none (message not
  52. signed); arc=none
  53. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  54. d=bcsdny.onmicrosoft.com; s=selector1-bcsdny-onmicrosoft-com;
  55. h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
  56. bh=k8bWES4vDkcpk/d16MX+leKhv4iO5xmBoiT2xL8aQYE=;
  57. b=l15/1SMgX/dLQT2uma5c2s9H3DA+YFvj6O5kANJ6NWNWQYeXKALKt1rD0bdOakJs/9JlESB9oJElwPDzcWSYdhaLw0YBK7//tNuniWueIv1Ugum8zkIIUHVUo0LRLZmZViQHkBiEvU1+qfq/EpKsUoByXxugJCOYT+5JCTHNuik=
  58. Received: from DM6PR03CA0068.namprd03.prod.outlook.com (2603:10b6:5:100::45)
  59. by DM5PR22MB0188.namprd22.prod.outlook.com (2603:10b6:3:58::23) with
  60. Microsoft SMTP Server (version=TLS1_2,
  61. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.20; Thu, 24 Sep
  62. 2020 19:01:25 +0000
  63. Received: from DM6NAM10FT053.eop-nam10.prod.protection.outlook.com
  64. (2603:10b6:5:100:cafe::1) by DM6PR03CA0068.outlook.office365.com
  65. (2603:10b6:5:100::45) with Microsoft SMTP Server (version=TLS1_2,
  66. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.20 via Frontend
  67. Transport; Thu, 24 Sep 2020 19:01:25 +0000
  68. X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is
  69. 69.74.165.153) smtp.mailfrom=bcsdny.org; suttonmail.org; dkim=none (message
  70. not signed) header.d=none;suttonmail.org; dmarc=none action=none
  71. header.from=bcsdny.org;
  72. Received-SPF: SoftFail (protection.outlook.com: domain of transitioning
  73. bcsdny.org discourages use of 69.74.165.153 as permitted sender)
  74. Received: from EXCH2013.bcsdny.org (69.74.165.153) by
  75. DM6NAM10FT053.mail.protection.outlook.com (10.13.153.186) with Microsoft SMTP
  76. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
  77. 15.20.3412.21 via Frontend Transport; Thu, 24 Sep 2020 19:01:24 +0000
  78. Received: from EXCH2013.bcsdny.org (10.0.101.212) by EXCH2013.bcsdny.org
  79. (10.0.101.212) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Thu, 24 Sep
  80. 2020 15:00:57 -0400
  81. Received: from EXCH2013.bcsdny.org ([fe80::10ea:8b52:6483:7b09]) by
  82. EXCH2013.bcsdny.org ([fe80::10ea:8b52:6483:7b09%14]) with mapi id
  83. 15.00.1104.000; Thu, 24 Sep 2020 15:00:57 -0400
  84. From: "Connolly, William" <[email protected]>
  85. Subject: COVID-19 Alert System
  86. Thread-Topic: COVID-19 Alert System
  87. Thread-Index: AdaSpQjbLCOxoEm6rEa02dfMW1xsuA==
  88. Date: Thu, 24 Sep 2020 19:00:56 +0000
  89. Message-ID: <[email protected]>
  90. Accept-Language: en-US
  91. Content-Language: en-US
  92. X-MS-Has-Attach:
  93. X-MS-TNEF-Correlator:
  94. x-ms-exchange-transport-fromentityheader: Hosted
  95. MIME-Version: 1.0
  96. To: Undisclosed recipients:;
  97. X-EOPAttributedMessage: 0
  98. X-MS-PublicTrafficType: Email
  99. X-MS-Office365-Filtering-Correlation-Id: f06658e2-9cc4-4fcb-a305-08d860bc3c00
  100. X-MS-TrafficTypeDiagnostic: DM5PR22MB0188:
  101. X-Microsoft-Antispam-PRVS: <DM5PR22MB0188F7852A3472568518FA3CC8390@DM5PR22MB0188.namprd22.prod.outlook.com>
  102. X-MS-Oob-TLC-OOBClassifiers: OLM:6108;
  103. X-MS-Exchange-SenderADCheck: 1
  104. X-Microsoft-Antispam: BCL:0;
  105. X-Microsoft-Antispam-Message-Info: v4BMajPZDa/BYkbUott4wLaYsP4FIP/SA9enFUUSCpKSCSHTr3qFoS4Q0nsCWgernrKh/q5uGNrDkyiU3pgz07k18JeczJ3Prmad9pzUUhMH9jhyO/9KhUSB4AVF2dIVmzxNL7l5SvyfL+3gk8xUaTLXbvd9DdppQrLSNNw8Ef3nJngbSq+iKQNWPk43UBsDIRfI0UhkN1VC64Tk0Z/rdnzXJLkPLt1qkckT09y29XOEKIvDfR6/0nKBPR199uWUXdqbk8+kGRt5mRUEoR5ZcBBXcEOu08NjYGUbBCYluGRri+yKfYTeQ6mCWZMqdngPKWpcc+OrJ7DXKU2L7pFuUDwn+FzdTIn3huzWVbNdxgK2v8NPhLFSBz/U2JhoToAgWe/yOUmWRlpGmjuGOLJ0rz8mJNtdVUKk5xRXqw60eFsoiTNrWEOXkNmE01gZGHhuSDtQKC3k4P1ZKLA0P6X9/IuoY9jPtvIEROwjKuUuLpInDjJPH1r3nzP5fHh6xJVThZ5PSy/Rh8F98qRS67zSqw==
  106. X-Forefront-Antispam-Report: CIP:69.74.165.153;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:EXCH2013.bcsdny.org;PTR:454aa599.cst.lightpath.net;CAT:NONE;SFS:(39860400002)(346002)(376002)(136003)(396003)(46966005)(55236004)(7696005)(2906002)(15650500001)(55016002)(7416002)(7406005)(86362001)(36906005)(7336002)(7366002)(786003)(109986005)(5660300002)(7276002)(336012)(65686005)(316002)(70206006)(47076004)(166002)(186003)(8936002)(356005)(24736004)(70586007)(8676002)(81166007)(82310400003)(82740400003)(426003)(83380400001)(33310700002)(26005)(478600001)(108616005)(57042006);DIR:OUT;SFP:1101;
  107. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Sep 2020 19:01:24.7938
  108. (UTC)
  109. X-MS-Exchange-CrossTenant-Network-Message-Id: f06658e2-9cc4-4fcb-a305-08d860bc3c00
  110. X-MS-Exchange-CrossTenant-Id: 6549bd5b-2ef0-475c-b3bb-2d082fba33a5
  111. X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=6549bd5b-2ef0-475c-b3bb-2d082fba33a5;Ip=[69.74.165.153];Helo=[EXCH2013.bcsdny.org]
  112. X-MS-Exchange-CrossTenant-AuthSource: DM6NAM10FT053.eop-nam10.prod.protection.outlook.com
  113. X-MS-Exchange-CrossTenant-AuthAs: Anonymous
  114. X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
  115. X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR22MB0188
  116. X-MS-Exchange-Organization-Network-Message-Id: 61d270e4-edd7-4984-c4b6-08d860bc3e63
  117. X-MS-Exchange-Organization-SCL: 5
  118. X-MS-Exchange-Organization-AuthSource: MBX09C-ORD1.mex08.mlsrvr.com
  119. X-MS-Exchange-Organization-AuthAs: Anonymous
  120. Content-type: multipart/alternative;
  121. boundary="B_3683874879_2008625166"
  122.  
  123. > This message is in MIME format. Since your mail reader does not understand
  124. this format, some or all of this message may not be legible.
  125.  
  126. --B_3683874879_2008625166
  127. Content-type: text/plain;
  128. charset="UTF-8"
  129. Content-transfer-encoding: quoted-printable
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!