Should we report when we receive a phishing email from someone pretended to be Sonic, so Sonic knows about it? Should we forward the phishing email to some email address in Sonic? Or should we assume that Sonic already knows about it? The one I received below today made it through the SPAM filter even though I have the SPAM filter set to the strongest setting.
I couldn't post in the graphics that went with this but it looks fairly authentic. If I hadn't checked the actual links and email addresses. Some people are probably being fooled by it.
Thanks.
Chuck
Sonic
We're experiencing issues with your information
Update your Profile.
http://home.cablelan.net/~djules/one/
If you're not sure why you received this email, you can click on the link above.10:27:31 PM
Return-Path: <
agtmgutsche@internode.on.net>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on e.spam.sonic.net
X-Spam-Level:
X-Spam-Status: No, score=-0.1 required=1.0 tests=HTML_MESSAGE,KHOP_HELO_FCRDNS,
MSGID_FROM_MTA_HEADER,RCVD_HELO_IP_MISMATCH,SNF4SA,SONIC_BX_A2,
SPF_HELO_NONE shortcircuit=no autolearn=disabled version=3.4.6
X-Spam-SNF-Result: 0 (Standard White Rules)
X-Spam-MessageSniffer-Scan-Result:
X-Spam-MessageSniffer-Rules:
0-0-0-14646-c
X-Spam-GBUdb-Analysis: 0, 157.131.224.146, Ugly c=1 p=-0.738328 Source Normal
Received: from f.mx.sonic.net (b.spam-proxy.sonic.net [157.131.224.146])
by a.local-delivery (8.14.7/8.14.7) with ESMTP id 1ATERZiw023415
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
for <
corley@lds.sonic.net>; Mon, 29 Nov 2021 06:27:35 -0800
Received: from smtp-out-b2-7.tor.pathcom.com (smtp-out-b2-134.tor.pathcom.com [207.188.95.134])
by f.mx.sonic.net (8.14.7/8.14.7) with ESMTP id 1ATERXqj208774
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
for <
corley@sonic.net>; Mon, 29 Nov 2021 06:27:35 -0800
Message-Id: <
202111291427.1ATERXqj208774@f.mx.sonic.net>
Received: from smtp-auth08.tor.pathcom.com (localhost [127.0.0.1])
by smtp-auth08.tor.pathcom.com (Postfix) with ESMTP id A16B7540FB5
for <
corley@sonic.net>; Mon, 29 Nov 2021 09:22:17 -0500 (EST)
Received: from 107.181.178.76 (unknown [172.93.207.97])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
(Authenticated sender:
crsg@pathcom.com)
by smtp-auth08.tor.pathcom.com (Postfix) with ESMTPSA
for <
corley@sonic.net>; Mon, 29 Nov 2021 09:22:17 -0500 (EST)
From: "Sonic" <
agtmgutsche@internode.on.net>
Subject:
corley@sonic.net
To: "corley" <
corley@sonic.net>
Content-Type: multipart/alternative; boundary="FQHRicstaLTQoHI2KOkszWhtvruMy1o=_9"
MIME-Version: 1.0
Date: Mon, 29 Nov 2021 22:27:32 +0800
X-Orthrus: tar=0 grey=no co=CA os=Linux/3.11 and newer/28 spf=permerror dkim=none