Santander Banking Scam; Subject: Important Customer Notice; seemingly from securityalert@santander.co.uk - Scamalot

Seen a Scammer? Report Them!

Seen a scammer? Been caught out? Let the world know so they don't get burned. Add information if you see one that's already been logged - scammers move quickly and change details often to avoid detection. Details you log here will be in major search engines within an hour or two.

Please Like, Share, Tweet etc. to spread the word.
Scam Report Type: at  
Scam ReporterScam Tips Received
No Name
East Grinstead, West Sussex, United Kingdom
2012-10-14 06:33:30
Identity Theft
Santander Banking Scam; Subject: Important Customer Notice; seemingly from securityalert@santander.co.uk
 Scammer
  Information
Name:
   esc3@hermes.hood.edu
Email Address:
   esc3@hermes.hood.edu
Santander Identity Theft Scam from blacklisted IP located in Fareham, UK.

esc3@hermes.hood.edu , a HELO user of hermes.hood.edu sending phishing scam (with ESMTPA id 36711788) supposedly from securityalert@santander.co.uk with attached file link.
NB. DO NOT OPEN FILE ATACHMENT!

Originating IP: 88.212.147.234
ISP: Mailbox Networks
Host Name: 88-212-147-234.rdns.as8401.net
Organization: Mailbox Networks
Country: Fareham, Hampshire F2, United Kingdom.

Phish routed via IP 144.175.16.121 (ISP: Hood College; Host Name: hermes.hood.edu ; Organization: Hood College located in Frederick, Maryland, MD21701, United States.)
_ _ _ _ _ _ _ _

Received: from hermes.hood.edu ([144.175.16.121]) by BAY0-MC3-F36.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Sat, 13 Oct 2012 09:46:28 -0700
X-AttachExt: htm
Received: from [88.212.147.234] (account mailto:esc3@hermes.hood.edu HELO User)
by hermes.hood.edu (CommuniGate Pro SMTP 5.3.7)
with ESMTPA id 36711788; Sat, 13 Oct 2012 12:45:24 -0400
From: \"Santander Online Banking\"
Subject: Important Customer Notice
Date: Sat, 13 Oct 2012 17:42:16 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=\"----=_NextPart_000_00BA_01C2A9A6.30BEB86C\"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
Bcc:
Return-Path: mailto:securityalert@santander.co.uk
X-OriginalArrivalTime: 13 Oct 2012 16:46:28.0749 (UTC) FILETIME=[4A9FD3D0:01CDA962]

This is a multi-part message in MIME format.

------=_NextPart_000_00BA_01C2A9A6.30BEB86C
Content-Type: text/plain;
charset=\"Windows-1251\"
Content-Transfer-Encoding: 7bit

Irregular activities has been detected on your Santander account

your access to your Santander account has been temporarily blocked

complete security verification required to remove all restriction placed on your
account

Open with Internet Browser and proceed now via attached file to restore access to your account

Regards

Customer Service Team
 Got more information on this Scam? Add to Report