设为首页|收藏本站|
发帖
登录 注册
西兔生活网 华人生活 唐人街茶馆 对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请 ...
回复 发帖
返回列表 发新帖
开启左侧

[闲聊] 对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ...

[复制链接]
5288 0
yxm_1314 发表于 2022-9-3 11:59:01 | 只看该作者 打印 上一主题 下一主题
 
邮件原文
标题:Message need your participation in processing :Pepsico LLC RFQ 100729150
发件人:来自百事可口可乐企业邮箱
邮件正文:
Dear Valued Supplier,

We have called the number on your website but unfortunately no one answered.
We kindly request you to submit your quotation on supplying to PepsiCo LLC
as per your company stated Products.
Please find in the attachment RFQ 100729150 that include all detAIls for the needed products.
**Please note that Vendor's Quotations in response to this RFQ will be incorporated ONLY
if they include all information in the Quotation Submission Requirements Checklist found below.
Failure to include all sections will result in the rejection of your quotation.
All Quotations Must Be:
ü Printed on Official Company Letterhead, Signed and Stamped.  
o    Key contact name, title, address (if different from above address), direct telephone and fax numbers.
ü Including Accurate, Clear and Complete Pricing.   
o    Include fees-breakdown and estimates of any other expenses.
ü Including the Issuing Date of the Quotation.  
ü Including the Validity Date for the Quotation.  
ü VAT shall be indicated separately ( VAT percentage , VAT amount ) .  
ü Quotations shall be provided in excel format, img & non editable (PDF).  
ü Soft Copy (electronic) is only need, no hard copies.  
Deadline
  for Quotation Submission		08/31/2022
General requirements that must be strictly adhered to
Mention the supplier's
  number clearly on the quote
  Indicate if the company is subject to VAT or not
  Never start any business or supplies before the supply order
  is issued
  Not to start work at all before verifying the validity of the
  supply order data (company name & item
  prices & added
  tax)
  Categorically, the
  invoice submitted must be completely identical to the supply order in terms
  of price and quantity and any difference must be referred to the purchases.
Remarks:
v  Pepsico LLC Payment Terms: Net 60 Days.
v  Pepsico LLC retains the right to refuse any quotation collected, wholly or partially, without providing any cause, reason or basis for this refusal.
v  Pepsico LLC will not reimburse costs incurred in developing the quotation.
v   Pepsico LLC reserves the right to negotiate on all or any part of the quotation.
v Pepsico LLC retains the right to award Partial/ Total suppliers mentioned in the RFQ.
       We look forward to receiving your response

Shaimaa Gaber
Procurement Operations - Execution Professional

Procurement Department
Tel. +20235358570

这是一种极度专业的钓鱼。这个邮件具备了对外贸易中非常专业的细节。如果你对风险意识淡泊,那你的电脑已经挂了。
附上图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第1张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第2张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第3张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第4张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第5张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第6张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第7张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第8张图片

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第9张图片
病毒名称:
事件: 检测到恶意对象
用户: DESKTOP-CQIB7IE
用户类型: 活动用户
应用程序名称: OUTLOOK.EXE
应用程序路径: C:\Program Files\Microsoft Office\root\Office16
组件: 邮件反病毒
结果说明: 检测到
类型: 木马
名称: UDS:Trojan.Win32.Guloader.gen
精确度: 确切
威胁级别: 高
对象类型: 邮件附件
对象名称: Pepsico LLC RFQ Information.com
对象路径: [From:"Shaimaa Gaber - Pepsico LLC Procurement Operations" <peporder.me@pepsico.com>][Subject:Pepsico LLC RFQ 100729150][Time:2022/08/26 08:36:39]//Pepsico LLC RFQ Information.img//
MD5: C4A322EE3B43893D968BD76027F57011
原因: 云保护
还有一个病毒名称:Trojan:win32/Wacatac.C!ml
邮件信头
Received: from TY2PR01MB2938.jpnprd01.prod.outlook.com (2603:1096:404:70::17) by OSAPR01MB4178.jpnprd01.prod.outlook.com with HTTPS; Fri, 26 Aug 2022 00:36:39 +0000
Received: from BN7PR02CA0003.namprd02.prod.outlook.com (2603:10b6:408:20::16) by TY2PR01MB2938.jpnprd01.prod.outlook.com (2603:1096:404:70::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5546.17; Fri, 26 Aug 2022 00:36:33 +0000
Received: from BN7NAM10FT016.eop-nam10.prod.protection.outlook.com (2603:10b6:408:20:cafe::39) by BN7PR02CA0003.outlook.office365.com (2603:10b6:408:20::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5525.11 via Frontend Transport; Fri, 26 Aug 2022 00:36:32 +0000
Authentication-Results: spf=softfail (sender IP is 198.255.21.68) smtp.mailfrom=pepsico.com; dkim=none (message not signed) header.d=none;dmarc=fail action=none header.from=pepsico.com;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning pepsico.com discourages use of 198.255.21.68 as permitted sender)
Received: from ns-273.awsdns-34.com (198.255.21.68) by BN7NAM10FT016.mail.protection.outlook.com (10.13.156.226) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5566.15 via Frontend Transport; Fri, 26 Aug 2022 00:36:32 +0000
X-IncomingTopHeaderMarker: OriginalChecksum:93EC67BF356A6179A8347B91BF4A8D4BF74BF3061A067855AE899DECB09B6EE6;UpperCasedChecksum:7E751A41154F5A85CD2645D5D79ACFA284FFD0A06F9284D8A39CD97CB1B23C3E;SizeAsReceived:1091;Count:15
Received: from [208.89.61.194] (port=50299) by ns-273.awsdns-34.com with esmtpsa  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <peporder.me@pepsico.com>) id 1oRNKp-0002lb-G2 for *************; Thu, 25 Aug 2022 20:36:31 -0400
From: "Shaimaa Gaber - Pepsico LLC Procurement Operations" <peporder.me@pepsico.com>
To: <*************>
Subject: Message need your participation in processing :Pepsico LLC RFQ 100729150
Date: 25 Aug 2022 17:36:27 -0700
Message-ID: <20220825173627.ADFC1B384D470AC7@pepsico.com>
Content-Type: multipart/mixed;
        boundary="----=_NextPart_000_008A_01D8B927.2EFB16A0"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - ns-273.awsdns-34.com
X-AntiAbuse: Original Domain - .*********
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - pepsico.com
X-Get-Message-Sender-Via: ns-273.awsdns-34.com: authenticated_id: admin@aws.amazon.com
X-Authenticated-Sender: ns-273.awsdns-34.com: admin@aws.amazon.com
X-IncomingHeaderCount: 15
Return-Path: <peporder.me@pepsico.com>
X-MS-Exchange-Organization-ExpirationStartTime: 26 Aug 2022 00:36:32.3477 (UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id: 34e27b90-458b-43e5-b6ac-08da86fb0617
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-Exchange-Organization-AuthSource: BN7NAM10FT016.eop-nam10.prod.protection.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-UserLastLogonTime: 8/26/2022 12:32:46 AM
X-MS-Office365-Filtering-Correlation-Id: 34e27b90-458b-43e5-b6ac-08da86fb0617
X-MS-TrafficTypeDiagnostic: TY2PR01MB2938:EE_
X-MS-Exchange-EOPDirect: true
X-Sender-IP: 198.255.21.68
X-SpamFlt-Status: Not Detected
X-MimeOLE: Produced By Microsoft MimeOLE
X-KASFlt-Status: {Tracking_from_domain_doesnt_match_to}
X-KASFlt-Status: Method: none
X-KASFlt-Status: {Prob_stat_virus, att3}
X-KASFlt-Status: {Track_Chinese_Simplified, headers_charset}
X-KASFlt-Status: {Tracking_smtp_domain_mismatch}
X-KASFlt-Status: Status: not_detected
X-KASFlt-Status: Version: 5.9.18.0
X-KASFlt-Status: LuaCore: 496 496 76afdfb3eafb219d63a59f0593e2cada48535e98
X-KASFlt-Status: Lua profiles 172387 [Aug 25 2022]
X-KASFlt-Status: Rate: 20
X-KASFlt-Status: ApMailHostAddress: 198.255.21.68
X-KASFlt-Status: {Prob_HDR_MSGINFO_X_Message_Info_found}
X-SID-PRA: PEPORDER.ME@PEPSICO.COM
X-SID-Result: FAIL
X-SpamFlt-Phishing: Not Detected
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-Organization-SCL: 1
X-Microsoft-Antispam: BCL:5;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Aug 2022 00:36:32.3008 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 34e27b90-458b-43e5-b6ac-08da86fb0617
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-AuthSource: BN7NAM10FT016.eop-nam10.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY2PR01MB2938
X-MS-Exchange-Transport-EndToEndLatency: 00:00:07.1134826
X-MS-Exchange-Processed-By-BccFoldering: 15.20.5566.015
X-Microsoft-Antispam-Mailbox-Delivery: abwl:0;wl:0;pcwl:0;kl:0;iwl:0;ijl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;psp:0;auth:0;dest:I;ENG:(5062000285)(90000117)(90005022)(91005020)(91035115)(5061607266)(5061608174)(9050020)(9100338)(2008001134)(2008121020)(4810004)(4910033)(8810097)(9575002)(10195002)(9320005);
X-Message-Info: qZelhIiYnPkvprUZPkVofbnb5/U3Ol2yaJPOgLRjN1uDzejd5Ciw6K5yy6uHInebDIK4iM/wmhzPAp3F6wueseOYvjvfzXR7LzC8gJDru4MC5HZCLGjhLSHkVkZBLUaur1Le7epChPuIgOKpVcpavsWLKRVCyTXmzIVVxExAsu1OpCOBGtcXeT7Sz+uJoTJr2k/0UlfXITQfzBNA8j6kHw==
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtHRD0yO1NDTD0z

对外贸易-曝光一份伪造著名企业邮箱发送病毒攻击邮件-请务必 ... 第10张图片
这是一封超级专业与危险的邮件,请你一定要注意,不要打开附件。


上一篇:9 月 1 日大连新增 112 例本土无症状感染者,目前当地疫情 ...
下一篇:中秋、国庆“两节”临近,北京疾控发布防疫提示
@



1.西兔生活网 CTLIVES 内容全部来自网络;
2.版权归原网站或原作者所有;
3.内容与本站立场无关;
4.若涉及侵权或有疑义,请点击“举报”按钮,其他联系方式或无法及时处理。
举报
回复

使用道具 举报

 
返回列表
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

yxm_1314白金会员

0关注

6粉丝

433帖子

热门图文
热门帖子
排行榜
活跃网友
返回顶部快速回复上一主题下一主题返回列表APP下载手机访问
Copyright © 2016-2028 CTLIVES.COM All Rights Reserved.  西兔生活网  小黑屋| GMT+8, 2024-5-18 10:48