From: "Ubercatty" <Ubercatty@>
You can't just look at the email address. You have to look at the headers and see where
the email is truly coming from.
Dear Webmail User,
I am pleased to announce that on December 21th, 2008, VERIZON.NET will
transition its current e-mail service to a new offering Webmail. This new e-
mail offering, based on popular web-based e-mail program, is one part of
collaboration tools that will also be available to all VERIZON.NET webmail
The new Webmail service will replace Mailhost. Although hosted by VERIZON.NET
messaging center, all existing VERIZON.NET e-mail account will undergo
regularly scheduled maintenance from our data base, access to your e-mail via
the Webmail client will be unavailable for some time during this maintenance
window. We are currently upgrading our data base and we are eleting all
VERIZON.NET email account to create more space for new accounts.
To complete your VERIZON.NET Webmail account, you are to reply to this e-mail
immediately to enable us upgrade your domain account and you are to send to us
the following information below.
Your Email Address:...................................
Correct Password :.....................................
Over the next seven days you will receive additional information on the e-mail
transition. All communications will be in this same format; an e-mail from me
as VERIZON.NET Chief Information Officer. You will be directed to additional
information on VERIZON.NET hosted websites.
I am sure you will be pleased with this new service.
Final Notification, Please Protect Your VERIZON.NET Webmail From Being Closed.
Thank you for using VERIZON.NET WEBMAIL
Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a Free Account at www.mail.com!
Now the hearders (my email address obfuscated for Usenet posting)...
Received: from webmail-outgoing.us4.outblaze.com ([126.96.36.199])
(Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006))
with ESMTP id <0KC7001MZ9H9NCP0@vms169119.mailsrvcs.net> for
email@example.com; Sat, 20 Dec 2008 18:03:10 -0600 (CST)
Received: from wfilter3.us4.outblaze.com.int
by webmail-outgoing.us4.outblaze.com (Postfix) with QMQP id 93B3018001AB for
Received: by ws1-4.us4.outblaze.com (Postfix, from userid 1001)
id 68E8C606861; Sun, 21 Dec 2008 00:03:09 +0000 (GMT)
Received: from [188.8.131.52] by ws1-4.us4.outblaze.com with http for
firstname.lastname@example.org; Sat, 20 Dec 2008 19:03:09 -0500
Date: Sat, 20 Dec 2008 19:03:09 -0500
From: "MAIL UPGRADE" <email@example.com>
Subject: YOUR VERIZON WEBMAIL UPGRADE
Content-type: multipart/alternative; boundary="_----------=_122981778992620"
X-OB-Received: from unknown (184.108.40.206) by wfilter3.us4.outblaze.com; 21
Dec 2008 00:02:45 -0000
X-PMFLAGS: 570966400 0 1 PKES9S7N.CNM
The above shows...
Neither of which is Verizon.
This is phishing email.
I suggest reporting Phishing email (which includes the Full Header and Body of the email)
to the following...
In the above Verizon Phishing email example I also sent it to; Phishing@Verizon.Com
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp