Return-Path:
Received: from cdptpa-mxlb.mail.rr.com ([10.127.255.14])
by cdptpa-imta12.mail.rr.com with ESMTP
id
for ; Thu, 10 Jul 2008 00:00:26 +0000
X-IronPort: cdptpa-mx11.mail.rr.com 443110612
X-RR-Connecting-IP: 63.71.8.107
Received: from smtpout.zixmail.net ([63.71.8.107])
by cdptpa-mxlb.mail.rr.com with ESMTP; 10 Jul 2008 00:00:26 +0000
Received: from mailhost (unknown [192.168.128.73])
by smtpout.zixmail.net (Proprietary) with ESMTP id 50A352C2A2A
for ; Wed, 9 Jul 2008 19:00:25 -0500 (CDT)
From: "CIGNA Dental Customer Service"
To: [email protected]
Reply-To: [email protected]
Subject: New Email Notice: You have a secure email from CIGNA
Date: Wed, 09 Jul 2008 19:00:25 CDT
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----9h9rFCFVUma1zMhM906lq6dEXE2Q1zJJ"
X-From-ZixPort: cigna-e
X-ZixNet: Notification
Message-Id:
X-Antivirus: AVG for E-mail 8.0.138 [270.4.7/1543]
You have received a message from: CIGNA Dental Customer Service
Select the link below to access your CIGNA Secure Mailbox:
https://www3.cignasecure.com/s/e?m=ABBP6ya0FYLTYvVUMtYCx6dp
Please do not reply to this email message. The return address is not monitored.
-----------------------------------------------------------------
Notice the recieved from address.
When I go to the listed url, I get a screen asking to create a userid and provide all sorts of personal info.
I do have CIGNA DMHO and acessed the CIGNA website yesterday for the first time in over a year.
Now my question is, how did the phisher know this? Could there be something on my system tracking my browser use?
Received: from cdptpa-mxlb.mail.rr.com ([10.127.255.14])
by cdptpa-imta12.mail.rr.com with ESMTP
id
for ; Thu, 10 Jul 2008 00:00:26 +0000
X-IronPort: cdptpa-mx11.mail.rr.com 443110612
X-RR-Connecting-IP: 63.71.8.107
Received: from smtpout.zixmail.net ([63.71.8.107])
by cdptpa-mxlb.mail.rr.com with ESMTP; 10 Jul 2008 00:00:26 +0000
Received: from mailhost (unknown [192.168.128.73])
by smtpout.zixmail.net (Proprietary) with ESMTP id 50A352C2A2A
for ; Wed, 9 Jul 2008 19:00:25 -0500 (CDT)
From: "CIGNA Dental Customer Service"
To: [email protected]
Reply-To: [email protected]
Subject: New Email Notice: You have a secure email from CIGNA
Date: Wed, 09 Jul 2008 19:00:25 CDT
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----9h9rFCFVUma1zMhM906lq6dEXE2Q1zJJ"
X-From-ZixPort: cigna-e
X-ZixNet: Notification
Message-Id:
X-Antivirus: AVG for E-mail 8.0.138 [270.4.7/1543]
You have received a message from: CIGNA Dental Customer Service
Select the link below to access your CIGNA Secure Mailbox:
https://www3.cignasecure.com/s/e?m=ABBP6ya0FYLTYvVUMtYCx6dp
Please do not reply to this email message. The return address is not monitored.
-----------------------------------------------------------------
Notice the recieved from address.
When I go to the listed url, I get a screen asking to create a userid and provide all sorts of personal info.
I do have CIGNA DMHO and acessed the CIGNA website yesterday for the first time in over a year.
Now my question is, how did the phisher know this? Could there be something on my system tracking my browser use?