Dear Pak Syafril,
Mohon pencerahannya untuk mencegah e-mail yang semacam ini (seolah-olah dari
bankmandiri.co.id tetapi jika saya reply menuju ke [email protected]),
Internet Headers sbb :
========
X-MDAV-Result: clean
X-MDAV-Processed: mail.aio.co.id, Tue, 26 Apr 2022 12:04:36 +0700
Return-path: <[email protected]>
Authentication-Results: mail.aio.co.id;
spf=neutral [email protected];
dmarc=fail header.from=bankmandiri.co.id (p=quarantine sampling=45
pct=100);
iprev=pass policy.iprev=159.223.9.174 (PTR pvservicesllc.co.in);
iprev=pass policy.iprev=159.223.9.174 (HELO pvservicesllc.co.in);
iprev=fail policy.iprev=159.223.9.174 reason="does not match" (MAIL
[email protected])
Received-SPF: neutral (mail.aio.co.id: 159.223.9.174 is neither permitted
nor denied by domain bankmandiri.co.id)
receiver=mail.aio.co.id; client-ip=159.223.9.174;
mechanism=default; envelope-from="[email protected]";
helo=pvservicesllc.co.in;
Received: from pvservicesllc.co.in (pvservicesllc.co.in [159.223.9.174]) by
aio.co.id
with ESMTP id md50030345048.msg; Tue, 26 Apr 2022 12:04:36 +0700
X-Spam-Level: ***
X-Spam-Status: No, score=3.40 required=5.0
X-Spam-Report:
* -4.0 BAYES_00 BODY: Bayes spam probability is 0 to 1%
* [score: 0.0000]
* 4.9 MDAEMON_OP_SPAM_HIGH MDaemon: spam/phish
* 2.0 DEAR_SOMETHING BODY: Contains 'Dear (something)'
* 0.5 MISSING_MID Missing Message-Id: header
X-Spam-Processed: mail.aio.co.id, Tue, 26 Apr 2022 12:04:36 +0700
(processed during SMTP session)
X-MDOP-RefID:
str=0001.0A67342F.62677AA4.0047,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8
(_st=4 _vt=0 _iwf=0)
X-MDDMARC-Fail-policy: quarantine
X-MDSPF-Result: neutral (mail.aio.co.id)
X-MDRemoteIP: 159.223.9.174
X-MDHelo: pvservicesllc.co.in
X-MDArrival-Date: Tue, 26 Apr 2022 12:04:36 +0700
X-Rcpt-To: [email protected]
X-MDRcpt-To: [email protected]
X-Return-Path: [email protected]
X-Envelope-From: [email protected]
X-MDaemon-Deliver-To: [email protected]
Received: from IP-223-46.dataclub.eu (unknown [46.183.223.46])
(Authenticated sender: supports1)
by pvservicesllc.co.in (Postfix) with ESMTPA id 74786400D65C
for <[email protected]>; Tue, 26 Apr 2022 00:04:24 -0500 (CDT)
Content-Type: multipart/mixed; boundary="===============0407388769=="
MIME-Version: 1.0
Subject: Transaction Notification : Success
To: [email protected]
From: "Mandiri Cash Management" <[email protected]>
Date: Tue, 26 Apr 2022 08:04:23 +0300
Reply-To: [email protected]
X-WatchGuard-Spam-ID: v=2.4 cv=VOK+I/DX c=1 sm=1 tr=0 ts=62677d5b
a=oZYUOEa10dZbT/anXuA1+Q==:117 a=oZYUOEa10dZbT/anXuA1+Q==:17 a=HpEJnUlJZJkA:10
a=z0gMJWrwH1QA:10 a=KXl77lDgDEgIEtoqJYcA:9 a=iDOeUX-8L-hiZ9Zu5NwA:9
a=wPNLvfGTeEIA:10 a=yYyExnWlFzV2ju8ANBsA:9 a=fMZ_E1CIlfQA:10 a=IC_P5zELcC8A:10
X-WatchGuard-Spam-Score: clean
X-WatchGuard-Mail-Client-IP: 159.223.9.174
X-WatchGuard-Mail-From: [email protected]
X-WatchGuard-Mail-Recipients: [email protected]
=======
Secara attachment yang bervirus sudah di amankan oleh saya punya Security
Gateway.
Best Regards,
Slamet Raharjo
IT Dept.
--
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia
Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke [email protected]
Henti Langgan: Kirim mail ke [email protected]
Versi terakhir: MDaemon 21.5.2, SecurityGateway 8.5.1
--- Begin Message ---
Dear sir / madam
You have received fund transfer through Internet Banking Bank Mandiri. See
attached payment slip.
Date-Time : 26-04-2022 6:03:01
Domestic Bank Name : BCA (Bank Central Asia)
Amount : IDR 896,733,700.00
Berita : 20220420-2001H
Fibreboard,Corr;ANY;1180MM-150K/150M/150 Invoice No : 0536/III/22 - Desc :
Fibreboard;ANY;TOP BOARD-1166X1590MM-WIT Invoice No : 0710/III/22 - Desc :
Fibreboard;ANY;1130MM-150K/150M/150K-Inn
Invoice No : 0652/III/22 - Desc : Fibreboard;ANY;TOP BOARD-986X1460MM-WITH
We hope this information will be useful to you
Thank you.
Best regards,
Bank Mandiri
Attention: This e-mail (including all attachments, if any) is only
addressed to the recipients listed above. If you are not
the intended recipient, then you are not allowed to use, distribute,
distribute, or duplicate this e-mail and all attachments.
Please cooperate to immediately notify PT Bank Mandiri (Persero) Tbk
at the email address listed above and delete this e-mail and
all attachments. All opinions expressed in this e-mail are
personal opinion of the sender concerned and does not necessarily
reflect the views of PT Bank Mandiri (Persero) Tbk., unless
there is an agreement between the sender and recipient that this e-mail is
a form of official communication that can be accepted by both parties.
The WatchGuard Firebox that protects your network has detected a message that
may not be safe.
Cause : The message contains a virus.
Content type : application/octet-stream
File name : scan_payment_advice.xlsx
Status : Exploit.CVE-2018-0802.Gen
Action : The Firebox quarantined scan_payment_advice.xlsx.
Your network administrator can not restore this attachment.
--- End Message ---
