I got this phishing email today from service@red.com
Beware. That site URL in the body of the email will bring you to this address.
http://curewards.us/secure/RXZlbnQxIEp1bDE0/update.htm

Be careful. Do not give your info to anyone.


Here is the email I received.

Forwarded Message:
Subj: Update your account records!
Date: 11/20/2007 2:37:18 AM Eastern Standard Time
From: service@red.com
Sent from the Internet (Details)



Dear Customer,

We encourage you to log in to your account as soon as possible to help avoid this. Once you log in, you will be provided with steps to restore your account to regular standing. We appreciate your understanding as we work to guarantee account safety.Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. In accordance with Regions Bank, Financial Corp.'s User Agreement, your account access will remain limited until the issue has been resolved.

https://www.regions.com/rdcLogin/?RXZlbnQxIEp1bDE0


As part of our security measures,we regularly screen activity in the Online Banking system.We recently noticed the following issue on your Savings account:A recent review of your Banking account determined that we need some additional information from you in order to provide you with online secure service. Case ID Number: US-320-159-271. For your protection, we have limited Internet access to your account until additional security measures can be completed.

Thank you for your prompt attention to this matter. We apologize for any inconvenience.This is a security procedure intended to help protect you and your bank account.

Regards,

Regions Bank, NA, Account Service


CIMCPRTJJKRLMOODOWGNDPTNOKKEBKJLCHVXRC

thanks

mate, anyone stupid enough to go through with such an obvious scam deserves to lose their money :)

mate, anyone stupid enough to go through with such an obvious scam deserves to lose their money :)

I know. I wouldn't have posted except that it came from the email address service@red.com

Someone is gonna be stupid.

I know. I wouldn't have posted except that it came from the email address service@red.com

Someone is gonna be stupid.

You are right about that and the people stupid enough probably don't read these forums.

it would be bad enough to lose all your hard earned dollars, but too have some steal your Red fund would crush my soul!:sick:

Actually this is not funny as not known what info has been exposed to scammers. Like, how the ... they did get your email address?
Hopefully Red One would make things clear.

Ha! I love the site that it sends you to!!! It is so obviously lamely fake. Unbelievable that anyone would bother with something so low-rent... but there must be some real suckers out there.

So just to make sure I was safe up I updated all my accounts... (just kidding)

Ha! I love the site that it sends you to!!! It is so obviously lamely fake. Unbelievable that anyone would bother with something so low-rent... but there must be some real suckers out there.

So just to make sure I was safe up I updated all my accounts... (just kidding)just be careful you didn't contract anything from the site

No it's OK, I'm all firewalled and sanitised to the max here. (NBCUni)

Normally email sent from RED for account notification purposes will include the name your account was registered under on the first line.

PM me if your server supports Domain Keys. If we've got more than a few people validating Domain Keys on their incoming messages, we'll turn it on for all outgoing mail.

If you're not familiar with Domain Keys, you might want to check the Wikipedia page:
http://en.wikipedia.org/wiki/DomainKeys

Steve,

You guys are so distrustful. I'm waiting on a check right now for a hundred grand!! That my Cooke S4's right there. All I had to do was Western Union $4500 to Dr. John Okeke, Lagos Nigeria. A straightforward bussiness transaction and he's a doctor to boot!

You never know what great bussiness opportunities will arrive randomly in your email. No risk, no reward my man.

IBloom

Steve,

You guys are so distrustful. I'm waiting on a check right now for a hundred grand!! That my Cooke S4's right there. All I had to do was Western Union $4500 to Dr. John Okeke, Lagos Nigeria. A straightforward bussiness transaction and he's a doctor to boot!

You never know what great bussiness opportunities will arrive randomly in your email. No risk, no reward my man.

IBloom

:biggrin:

Steve,

You guys are so distrustful. I'm waiting on a check right now for a hundred grand!! That my Cooke S4's right there. All I had to do was Western Union $4500 to Dr. John Okeke, Lagos Nigeria. A straightforward bussiness transaction and he's a doctor to boot!

You never know what great bussiness opportunities will arrive randomly in your email. No risk, no reward my man.

IBloom

That's funny, I got the same deal going with the same guy too.

Whoa, so that email from service@red.com promising to triple my stamina isn't legit? Gah! I want my $59.95 back!

A NOTE FROM RED ABOUT THIS SPAM MESSAGE.

You may be aware that the FROM address on an email can be arbitrarily selected by the sender. There is nothing preventing you from sending email with a From address of the.president@whitehouse.gov. Unfortunately, there is nothing stopping SPAMMERS from doing so either. Yahoo and EBay get hit the hardest by this, but all of us are occasionally affected. The SPAM that "s816mm35mm" received with a forged from address of "service@red.com" is only the latest example. To prevent this form of SPAM at RED:

1. We're working on an official RED Email format that will, at a glance, help you differentiate an official RED email from a casual SPAM.

2. Spammers have your email address, but rarely does a SPAM mailing list also include your name. Instead, SPAM typically starts with something generic like "Dear Customer" or just jumps right into the message. Official RED Email Notifications will always include your account name on the first line so that you can see at a glance that it's not SPAM.

3. We will also begin implementing the DKIM standard to cryptographically sign all outgoing messages from RED. If there is ever a doubt about where a RED message is genuine, cryptographically validating the signature will eliminate that doubt. An increasing number of email systems support DKIM validation when the message is received so the validation may be done by your email system before it arrives in your Inbox.

Whoa, so that email from service@red.com promising to triple my stamina isn't legit? Gah! I want my $59.95 back!

Lol! Shawn, Dr. John sells Triple Stamina for $19.95.

IBloom

Thank you Ryan.

...how the ... they did get your email address?
Hopefully Red One would make things clear.

maybe from his webpage

That's funny, I got the same deal going with the same guy too.

Not fair! I never seem to get any of these sweet deals. :waaa:

FYI-

We just received another copy of the "Regions Bank, Financial Corp.'s" SPAM this time using the non-existent from address: Lora.McIntosh@red.com

For your reference, here are the headers from the top of the email (looks to be sent from a BellSouth dial up, or from ATT)

Return-Path: <Lora.McIntosh@red.com>
X-Original-To: [[censored before posting on reduser]]
Delivered-To: [[censored before posting on reduser]]
Received: from mta-m1.tc.umn.edu (mta-m1.tc.umn.edu [134.84.119.122]) by opal.tc.umn.edu (Postfix) with ESMTP id 4F45D306C for <[[censored before posting on reduser]]>; Wed, 21 Nov 2007 18:39:27 -0600 (CST)
Received: from fmailhost05.isp.att.net (fmailhost05.isp.att.net [204.127.217.105]) by mta-m1.tc.umn.edu (UMN smtpd) with ESMTP for <cohen047@umn.edu>; Wed, 21 Nov 2007 18:39:27 -0600 (CST)
X-Umn-Remote-Mta: [N] fmailhost05.isp.att.net [204.127.217.105] #+NR+CU+OF (A,-)
X-Umn-Report-As-Spam: <http://umn.edu/mc/s?DcnckaUN6s9ZHm$phTHg0j2RNcydZVzXcunVrALOGmdnkxIM rMg4WLBgTjoMT3K@agd04HtHRnNg>
Message-Id: <smtpd.40e7.4744cfbf.30833.1@mta-m1.tc.umn.edu>
Received: from user (adsl-074-247-248-090.sip.mia.bellsouth.net[74.247.248.90]) by bellsouth.net (frfwmhc05) with SMTP id <20071122003715H0500f14dae>; Thu, 22 Nov 2007 00:39:24 +0000
X-Originating-IP: [74.247.248.90]
From: Regions Bank <Lora.McIntosh@red.com>
Subject: Reactivate Your Account
Date: Wed, 21 Nov 2007 19:38:10 -0500
MIME-Version: 1.0
Content-Type: text/html; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
To: undisclosed-recipients:;