If you get this email DO NOT CLICK ANY LINKS - report it as Phishing / Scam / Spam to your providerJust got this email through an email account I use for mining, which means it came from one of the pools I'm on. My email is set to hidden on all pools. Not sure if it's a scam, but it SURE looks like one.
On examining the hidden link data, it redirects to a google drive to load some file. I didn't click on it. I'll include the header data below, and a pic of the email. I won't include the email as I wouldn't want anyone clicking the link.
Looks like someone exploited a relay somewhere.
Anyone else see this? What makes me curious is the email account is for mining pools. If it's hidden, someone had server-side access..
Received: by 10.216.177.133 with SMTP id d5csp247824wem;
Tue, 14 Jan 2014 20:45:32 -0800 (PST)
X-Received: by 10.194.176.163 with SMTP id cj3mr121390wjc.8.1389761132178;
Tue, 14 Jan 2014 20:45:32 -0800 (PST)
Return-Path: <
apache@tifon.es>
Received: from tifon.es (tifon.es. [82.223.247.223])
by mx.google.com with ESMTPS id e4si2480832wik.48.2014.01.14.20.45.31
for <
hidden>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Tue, 14 Jan 2014 20:45:32 -0800 (PST)
Received-SPF: fail (google.com: domain of
apache@tifon.es does not designate 82.223.247.223 as permitted sender) client-ip=82.223.247.223;
Authentication-Results: mx.google.com;
spf=hardfail (google.com: domain of
apache@tifon.es does not designate 82.223.247.223 as permitted sender) smtp.mail=apache@tifon.es
Received: by tifon.es (Postfix, from userid 48)
id 2472E6503B1; Wed, 15 Jan 2014 05:45:31 +0100 (CET)
To:
hiddenSubject: Is your wallet.dat compromised? Know it with Google
From: Google Services <
bitcoin@googleservices.com>
Reply-To:
bitcoin@googleservices.comErrors-To:
bitcoin@googleservices.comMIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <
20140115044531.2472E6503B1@tifon.es>
Date: Wed, 15 Jan 2014 05:45:31 +0100 (CET)
