Impersonation of AmEx, QR code phishing/malware? attempt.
Subject: Action Needed: Unf ... show moreImpersonation of AmEx, QR code phishing/malware? attempt.
Subject: Action Needed: Unfamiliar Transaction
To: Redacted@Redacted
Reply-To: From: AmexCard Customer Service <[email protected]> show less
Involved in scam/phishing exploit; 'dying of cancer, bank accounts, entrust you, millions $$� ... show moreInvolved in scam/phishing exploit; 'dying of cancer, bank accounts, entrust you, millions $$', blah blah woof woof. show less
Server running MS SMTPSVC, your basic phishing/scam email: dying from cancer, entrust you, banks in ... show moreServer running MS SMTPSVC, your basic phishing/scam email: dying from cancer, entrust you, banks in London and Africa, millions, etc. blah blah blah. Got stopped cold by our 3rd-party email security platform on Sat. Then they tried again on Sun. doing end-run around said security platform sending via Exchange Online route. MS stopped that one cold, as well. Nice try, ass clowns. show less
action=deny srcip=122.141.234.179 dstip=REDACTED srcport=55090 srcname=179.234.141.122.adsl-pool.jlc ... show moreaction=deny srcip=122.141.234.179 dstip=REDACTED srcport=55090 srcname=179.234.141.122.adsl-pool.jlccptt.net.cn dstname=REDACTED service=MS-SQL app=MS-SQL srccountry=China dstcountry=United States show less
action=deny srcip=77.221.153.90 dstip=REDACTED srcport=58927 srcname=grandiose-surprise_n7.aeza.netw ... show moreaction=deny srcip=77.221.153.90 dstip=REDACTED srcport=58927 srcname=grandiose-surprise_n7.aeza.network dstname=REDACTED service=tcp/62004 app=tcp/62004 srccountry=France dstcountry=United States show less
action=deny srcip=122.160.9.110 dstip=REDACTED srcport=47640 srcname=abts-north-static-110.9.160.122 ... show moreaction=deny srcip=122.160.9.110 dstip=REDACTED srcport=47640 srcname=abts-north-static-110.9.160.122.airtelbroadband.in dstname=REDACTED service=MS-SQL app=MS-SQL srccountry=India dstcountry=United States show less
action=deny srcip=128.1.43.230 dstip=REDACTED srcport=43347 srcname=128.1.43.230 dstname=REDACTED se ... show moreaction=deny srcip=128.1.43.230 dstip=REDACTED srcport=43347 srcname=128.1.43.230 dstname=REDACTED service=ALL PORTS app=ALL PORTS srccountry=Russian Federation dstcountry=United States show less
action=deny srcip=116.226.78.6 dstip=REDACTED srcport=51067 srcname=116.226.78.6 dstname=REDACTED se ... show moreaction=deny srcip=116.226.78.6 dstip=REDACTED srcport=51067 srcname=116.226.78.6 dstname=REDACTED service=SMB app=SMB srccountry=China dstcountry=United States show less
action=deny srcip=36.49.34.218 dstip=REDACTED srcport=57155 srcname=36.49.34.218 dstname=REDACTED se ... show moreaction=deny srcip=36.49.34.218 dstip=REDACTED srcport=57155 srcname=36.49.34.218 dstname=REDACTED service=TELNET app=Console Management(Telnet) srccountry=China dstcountry=United States show less
action=deny srcip=1.71.133.189 dstip=REDACTED srcport=35126 srcname=1.71.133.189 dstname=REDACTED se ... show moreaction=deny srcip=1.71.133.189 dstip=REDACTED srcport=35126 srcname=1.71.133.189 dstname=REDACTED service=tcp/6379 app=tcp/6379 srccountry=China dstcountry=United States show less
action=deny srcip=182.117.2.79 dstip=REDACTED srcport=41896 srcname=hn.kd.ny.adsl dstname=REDACTED s ... show moreaction=deny srcip=182.117.2.79 dstip=REDACTED srcport=41896 srcname=hn.kd.ny.adsl dstname=REDACTED service=TELNET app=Console Management(Telnet) srccountry=China dstcountry=United States show less