Wednesday, March 26, 2014

Fake Apple mail to my www.z64.ca account



Like really, how can this be? You send me an e-mail, to a computer / security business.

So I got an e-mail with the following. See screen.


Let’s examine this e-mail by looking up its source.


x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J
Authentication-Results: hotmail.com; spf=softfail (sender IP is 113.11.250.183) smtp.mailfrom=no-reply@apple.com; dkim=none header.d=apple.com; x-hmca=none header.id=no-reply@apple.com
X-SID-PRA: no-reply@apple.com
X-AUTH-Result: FAIL
X-SID-Result: FAIL
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTngJmlahZDJ8NNeTcL+g4FLTs1Po2vwHXhfiLs/a2JDST6OvHyyGqDXkfGuKslzm+NaGoB7ucP5jfEuIfXtg2b4f7O5EefbBfTCs83udgb9NXew9/M+SBpxKaOA21SPSHT7zqCAj81LC9ijIcsJiK/WFbppkyi1LstOfrtT2PIAv4MgTykH+PZnPPstyy+YA+JeyiM6fLXj6diNULHF2NOU
Received: from vps.hostingsolutions.sg ([113.11.250.183]) by BAY0-PAMC2-F10.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
     Mon, 24 Mar 2014 07:29:03 -0700
Received: from [193.0.200.185] (port=16931 helo=User)
    by vps.hostingsolutions.sg with esmtpa (Exim 4.82)
    (envelope-from <no-reply@apple.com>)
    id 1WS5qP-0008Pp-3H; Mon, 24 Mar 2014 22:27:18 +0800
From: "Apple Store"<no-reply@apple.com>
Subject: Your iTunes account has been suspended!
Date: Mon, 24 Mar 2014 14:25:30 -0700
MIME-Version: 1.0
Content-Type: text/html;
    charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - vps.hostingsolutions.sg
X-AntiAbuse: Original Domain - z64.ca
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - apple.com
X-Get-Message-Sender-Via: vps.hostingsolutions.sg: authenticated_id: hdb@coreno.com.sg
Bcc:
Return-Path: no-reply@apple.com
Message-ID: <BAY0-PAMC2-F10rIkyP000db313@BAY0-PAMC2-F10.Bay0.hotmail.com>
X-OriginalArrivalTime: 24 Mar 2014 14:29:04.0435 (UTC) FILETIME=[68539830:01CF476D]

<html>
<head>
<title>America Online</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
.style1 {
    font-family: Tahoma;
    font-size: x-small;
}
.style2 {
    color: #0E58A2;
    font-family: Tahoma;
    font-size: x-small;
    text-decoration: underline;
}
.style3 {
    color: #0E58A2;
}
.style4 {
    font-family: Tahoma;
    color: #0E58A2;
    font-size: xx-small;
}
.style5 {
    font-size: xx-small;
    font-weight: bold;
}
.style6 {
    font-size: xx-small;
}
.auto-style1 {
    font-size: medium;
}
.auto-style2 {
    font-size: medium;
    font-weight: bold;
}
.auto-style3 {
    font-size: small;
}
.auto-style4 {
    font-size: 13pt;
}
.auto-style6 {
    font-family: Tahoma;
    font-size: small;
}
</style>
</head>

<p>
<img height="119" src="http://mastering.soundops.com/wp-content/uploads/2012/03/itunes-logo-300x96.jpg" width="215"></p>
<p><font color="#000000" face="Tahoma"><em><span class="auto-style3">Dear
</span>
</em></font><font color="#0e58a2" face="Tahoma"><em>
<span class="auto-style3">Apple Customer.</span></em></font><strong><font color="#000000" face="Tahoma"><span class="auto-style1">,</span></font></strong><font

color="#000000" face="Tahoma"><br class="auto-style2">
</font><br class="auto-style1"><br class="auto-style1">
<span class="auto-style1"><strong>&nbsp;</strong></span><span class="auto-style6"><strong>It has come to our attention that your Apple store Account Information records are out of date and for this reason we have frozen your account and you will be unable to use your Apple Account information both on Itune Store and over the phone, which may aswell result in shuting down of your account if you do not update your billing information within the next 48 hours. </strong></p>
<p class="auto-style6"><strong>Please update your billing to continue using your Apple Account as usual through the Apple link below. </strong></span></p>
<br class="auto-style1">
<p class="style6"><strong>
<a href="http://www.southpark4x4club.com/files/login/www.apple.ca/index.php">
<span class="style6">
www.apple.com/unsuspend/appleupdate/login.php</span></a></strong></p>
<p><font color="#666666" face="Arial, Helvetica, Verdana, san-serif" size="2">
<b><br class="style6"><span class="style6">Sincerely,<br></span>
<br class="style6"></font>
<font color="#0e58a2" face="Arial, Helvetica, Verdana, san-serif">
<span class="style5">Apple Store Services Team</span></font></p>
<p class="style4"><strong>© 2014 APPLE Inc. All Rights Reserved</strong></p>
</html>
</body>

As you can see from the top Received header, the e-mail comes from vps.hostingsolutions.sg (113.11.250.183).

IP Location: Singapore, Singapore, Usonyx Pte Ltd

ASN: AS38532 USONYX-AS-AP USONYX PTE LTD (registered Mar 30, 2007)

I sure do not e-mail people in that part of the world.
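
The same examination done in code, as an added example that is not part of the original post: a standard-library Python triage that reads the verdicts from Authentication-Results, lists the relay IPs from the Received chain, and flags the body link whose visible text names one host while its href points at another. The function names are this example's own, and the input is a trimmed excerpt of the source shown above.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Excerpt of the message source shown above (headers trimmed, body cut to its link).
RAW = """\
Authentication-Results: hotmail.com; spf=softfail (sender IP is 113.11.250.183) smtp.mailfrom=no-reply@apple.com; dkim=none header.d=apple.com; x-hmca=none header.id=no-reply@apple.com
Received: from vps.hostingsolutions.sg ([113.11.250.183]) by BAY0-PAMC2-F10.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Received: from [193.0.200.185] (port=16931 helo=User)

<a href="http://www.southpark4x4club.com/files/login/www.apple.ca/index.php">
www.apple.com/unsuspend/appleupdate/login.php</a>
"""

def auth_verdicts(msg):
    """Map each method in Authentication-Results to its result, e.g. spf -> softfail."""
    parts = msg.get("Authentication-Results", "").split(";")[1:]  # drop the authserv-id
    return dict(p.split()[0].split("=", 1) for p in parts if "=" in p)

def relay_ips(msg):  # bracketed IPs from the Received headers, newest hop first
    return re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", "\n".join(msg.get_all("Received", [])))

class LinkAudit(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def mismatched_links(msg):
    """(shown host, real host) for links whose text looks like a URL on another host."""
    audit = LinkAudit()
    audit.feed(msg.get_payload())
    return [(host(t), host(h)) for h, t in audit.links if "." in host(t) and host(t) != host(h)]

MSG = message_from_string(RAW)
print(auth_verdicts(MSG), relay_ips(MSG), mismatched_links(MSG), sep="\n")
```

The SPF softfail with no DKIM signature, the relay that is not an Apple host, and the link mismatch each point the same way on their own.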

Thursday, March 13, 2014

WII game tracking



Today I was looking at some logs from my own house network, only to find out that my 5-year-old's gaming behavior on her WII is being tracked. Look at the attached screen: you can see that she was playing WII Dance. The exact game, I think, was Just Dance 2013 or 2014.
Best part is they know for how long and what game she plays before I do. ;-)