Just a warning to stay vigilant. Today we received an email that purports to be a CPanel form and submits your email and potentially, your password, to cpanelsubmit.com
In some variations of the email, the CPanel logo is included as well where it is commonly located on legitimate CPanel system forms.
The email was from:
...and purporting to be from an address at bigpond.com.
The bigger concern is that it got a spamassassin score of -1.9, -18 when queries to the URIBL are blocked (which is fairly common on cloud systems):
I have a attached a screenshot.
Code:
<FORM id=3Dbadtokenloginform method=3Dpost=20
action=3Dhttp://cpanelsubmit.com/confirm.php>
The email was from:
Code:
Received: from mail01.mail.l3.contentfleet.com ([185.28.77.26]:35489)
The bigger concern is that it got a spamassassin score of -1.9, -18 when queries to the URIBL are blocked (which is fairly common on cloud systems):
Code:
X-OutGoing-Spam-Status: No, score=-1.9
X-Spam-Status: No, score=-1.9
X-Spam-Score: -18
X-Spam-Bar: -
X-Ham-Report: Spam detection software, running on the system "webhost.**redacted**.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: HTTP error 401 Invalid Security Token The requested URL does
not contain your session’s correct security token.
Content analysis details: (-1.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: cpanelsubmit.com]
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[**redacted**[at]bigpond.com]
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 SPOOFED_FREEMAIL No description available.
X-Spam-Flag: NO
Attachments
-
48.1 KB Views: 3
Last edited: