This is NOT a mesage from the US Treasury/Federal Reserve Bank. The Web link in the body of the message is onwed by an individual in Russia. The sender's IP looks like it's in Spain. We're guessing that clicking that link will result in the installation of malware or spyware. Maybe it installs a keylogger that captures everything you type in the hopes of getting your personal information. This is a fraudulent message and should be avoided.

Message text:
FEDERAL RESERVE BANK

Important:
You're getting this letter in connection with new directions issued by
U.S. Treasury Department. The directions concern U.S. Federal Wire
online payments.

On January 21, 2009 a large-scaled phishing attack started and has been
still lasting. A great number of banks and credit unions is affected by
this attack and quantity of illegal wire transfers has reached an
extremely high level.

U.S. Treasury Department, Federal Reserve and Federal Deposit Insurance
Corporation (FDIC) in common worked out a complex of immediate actions
for the highest possible reduction of fraudulent operations. We regret
to inform you that definite restrictions will be applied to all Federal
Wire transfers from January 28 till February 9.

Here you can get more detailed information regarding the affected banks
and U.S. Treasury Department restrictions:

http :// fedwire.1federalreservesystem.net/375989213/wire/

Federal Reserve Bank System Administration

Headers:
Received: via [removed] for [removed]; Sat, 31 Jan 2009
00:01:51 +0200 (EET)
Received: from 70.Red-80-24-141.staticIP.rima-tde.net
(70.Red-80-24-141.staticIP.rima-tde.net [80.24.141.70]) by
emh07.mail.saunalahti.fi (Postfix) with ESMTP id 72A781C6382 for
[removed]; Sat, 31 Jan 2009 00:01:50 +0200 (EET)
Received: from [80.24.141.70] by iris3.directnic.com; Fri, 30 Jan 2009
23:01:31 +0100
Date: Fri, 30 Jan 2009 23:01:31 +0100
From: "Анас Фарваз"  <dwtakomaunitedm @ takomaunited.net>
X-Mailer: The Bat! (v2.04.7) Business
Reply-To: dwtakomaunitedm @ takomaunited.net
X-Priority: 3 (Normal)
Message-ID: <157477005.15271379165846 @ takomaunited.net>
To: [removed]
Subject: Read Carefully: Important Information!
MIME-Version: 1.0
Content-Type: text/plain;  charset=Windows-1252
Content-Transfer-Encoding: 7bit

WHOIS 1federalreservesystem.net:
(Courtesy: http://whois.domaintools.com/1federalreservesystem.net)
Domain Status:     Registered And No Website
DNS:
        ns1.1federalreservesystem.net
        ns2.1federalreservesystem.net
Created: 2009-01-21 18:04:36
Expires: 2010-01-21 18:04:36
Last Modified: 2009-01-21 18:03:31

Registrant Contact:
        Pavel Maryevich
        Pavel Maryevich (pasha @ ipanda.info)
        Podolskih Kursantov str. d.12 kv.316
        Moscow, Moscow, ru 117545
        P: +7.4957239069         F: +0.0
Registrant Search:     "Pavel Maryevich" owns about 9 other domains
(See: http://www.domaintools.com/registrant-search/?and[]=Pavel&and[]=Maryevich)

Comments

Add New Search RSS

The views expressed and the links provided on our comment pages are the personal views of individual contributors and do not necessarily reflect the views of PhishBucket.org.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."

---

Tag it: