Ja, det er forskjellig som hackerne leker seg med.. her ser det trente øiet headingen i en e-post fra Japan.
Her er selve meldingen: Denne e-posten skal du bare slette, og aldri finne på å klikke på, da får du besøk av djevelen på din pc-.
Hei.
Din BankID slutter å virke 08.11.2020. Du fornyer den automatisk hvis du logger inn i nettbanken med BankID (med engangskode på mobil ),
Klikk her
Når du har gjort alt dette; vil kontoen din bli aktivert umiddelbart, og du vil kunne fortsette bruke ditt navaerende kodekort kredittkort.
Med vennlig hilsen
SpareBank 1
BankID
BankID er en sikker og enkel identifisering på nett.
Her er HEADINGEN som man finner ved å Høyreklikke og velge Properties- så ser du headeren.
BmOnline
Return-Path: <support@ledius.co.jp>
Received: from cpweb02.misshosting.no
by cpweb02.misshosting.no with LMTP
id MHTfCAAxpl9x7zEAO49wEQ
(envelope-from <support@ledius.co.jp>); Sat, 07 Nov 2020 06:30:40 +0100
Return-path: <support@ledius.co.jp>
Envelope-to: bmonline@bmonline.no
Delivery-date: Sat, 07 Nov 2020 06:30:40 +0100
Received: from www7031m.sakura.ne.jp ([49.212.70.31]:61360)
by cpweb02.misshosting.no with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.93)
(envelope-from <support@ledius.co.jp>)
id 1kbGo6-00Djt9-FY
for bmonline@bmonline.no; Sat, 07 Nov 2020 06:30:40 +0100
Received: from www7031m.sakura.ne.jp (localhost [127.0.0.1])
by www7031m.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 0A75UUs7083424
for <bmonline@bmonline.no>; Sat, 7 Nov 2020 14:30:30 +0900 (JST)
(envelope-from support@ledius.co.jp)
Received: (from nonfix@localhost)
by www7031m.sakura.ne.jp (8.15.2/8.15.2/Submit) id 0A75UUIo083421;
Sat, 7 Nov 2020 14:30:30 +0900 (JST)
(envelope-from support@ledius.co.jp)
X-Authentication-Warning: www7031m.sakura.ne.jp: nonfix set sender to support@ledius.co.jp using -f
To: bmonline@bmonline.no
Subject: =?UTF-8?Q?P=C3=A5minnelse_fra_Sparebanken?=
Date: Sat, 7 Nov 2020 05:30:30 +0000
From: BankID <support@ledius.co.jp>
Message-ID: <20024d70b3acb498cb64294ad3caea57@ledius.co.jp>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_20024d70b3acb498cb64294ad3caea57"
Content-Transfer-Encoding: 8bit
X-OutGoing-Spam-Status: No, score=0.0
X-Spam-Status: No, score=0.0
X-Spam-Score: 0
X-Spam-Bar: /
X-Ham-Report: Spam detection software, running on the system "cpweb02.misshosting.no",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview:  Hei. Din BankID slutter å virke 08.11.2020. Du fornyer
den automatisk hvis du logger inn i nettbanken med BankID (med engangskode
pÃ¥ mobil ),Â
Content analysis details: (0.0 points, 1000.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/Dns ... nsbl-block
for more information.
[URIs: hypnosepraxis-steimle.de]
0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)
0.0 HTML_MESSAGE BODY: HTML included in message
X-Spam-Flag: NO