«

What ever you do DO NOT follow the directions in any email claiming to
be from your bank, if in doubt ALWAYS ring your local branch and ask
them if the bank has sent out this kind of email, the answer will always
be NO they do NOT do that.




From Thu May 27 11:13:04 2004
>>From Thu May 27 11:12:11 2004
Received: from its-mm1.massey.ac.nz (its-mm1 [130.123.128.45])
by its-mail1.massey.ac.nz (8.9.3/8.9.3) with ESMTP id LAA01966
for <>; Thu, 27 May 2004 11:12:11 +1200
(NZST)
Received: from mu-relay1.massey.ac.nz (Not Verified[130.123.2.98]) by
its-mm1.massey.ac.nz with NetIQ MailMarshal
id <B002e07437>; Thu, 27 May 2004 11:12:09 +1200
Received: from westpactrust.co.nz (unknown [217.129.33.16])
by mu-relay1.massey.ac.nz (Postfix) with SMTP id 04EAF37958
for xxxxxxxxxxxxxxxxxxx; Thu, 27 May 2004 11:05:06 +1200 (NZST)
Date: Wed, 26 May 2004 23:02:39 +0000
From: Westpac support <>
Subject: Official information for all Westpac New Zealand customers
To: "xxxxxxxxxxxxxxxxxx
References: <>
In-Reply-To: <>
Message-ID: <>
Reply-To: Westpac support <>
Sender: Westpac support <>
MIME-Version: 1.0
Content-Type: text/html; charset=Windows-1251
Content-Transfer-Encoding: 8bit



<html>
<head></head>
<body>
Dear Valued Customer,<br><br>
We have just installed our new security system<br>
which will help you to avoid frequently fraud<br>
transactions and to keep your investments in safety. <br>
<br>
Due to this technical update we are insisting our<br>
clients to verify reactivate their accounts. <br>
<br>
Please click on the link below and wait while a new window<br>
opens. Then fill out Westpac account verification form<br>
and click the 'submit' button. The verification process<br>
normally takes about 10 seconds but it may take longer<br>
during certain times of the day. When your information<br>
will be successfully updated, you will return to the main<br>
page.<br>
<a
href="http://ebay.dasmarket.biz/wnz/jasp.html">https://sec.westpactrust.c
o.nz/IOLB/newSession</a><br>
<br>
We appreciate your business. It's truly our pleasure to serve you.<br>
<br>
Westpac New Zealand Customer Care <br>
<br>
This email is for notification only. To contact us, <br>
please log into your account and send a Bank Mail. <br>
</body>
</html>

Keith Whitehead wrote:
> What ever you do DO NOT follow the directions in any email claiming to
> be from your bank, if in doubt ALWAYS ring your local branch and ask
> them if the bank has sent out this kind of email, the answer will always
> be NO they do NOT do that.

> for <k.j.whitehead_no_el-spammo_@massey.ac.nz>; Thu, 27 May 2004 11:12:11 +1200

further to that, when posting these sort of messages, be sure to
anit-spamify your email addy.


--
Dave Hall
http://www.dave.net.nz
http://www.dunedinwireless.co.nz

In article <>,
"Dave - Dave.net.nz" <dave@no_spam_here_please.dave.net.nz> wrote:

> Keith Whitehead wrote:
> > What ever you do DO NOT follow the directions in any email claiming to
> > be from your bank, if in doubt ALWAYS ring your local branch and ask
> > them if the bank has sent out this kind of email, the answer will always
> > be NO they do NOT do that.
>
> > for <k.j.whitehead_no_el-spammo_@massey.ac.nz>; Thu, 27 May 2004
> > 11:12:11 +1200
>
> further to that, when posting these sort of messages, be sure to
> anit-spamify your email addy.

Ahh bugger, missed that one, got interrupted at work...oh well I already
get tons of spam each day.... sigh....

Keith Whitehead <> wrote in
news:No_email_address-:

> Received: from westpactrust.co.nz (unknown [217.129.33.16])

05/27/04 15:57:18 dns 217.129.33.16
nslookup 217.129.33.16
Canonical name: ff-217-129-33-16.netvisao.pt
Addresses:
217.129.33.16

05/27/04 15:56:57 dig 217.129.33.16 @ 203.96.152.4
Dig 16.33.129.217.in-addr.arpa@203.96.152.4 ...
Non-authoritative answer
Recursive queries supported by this server
Query for 16.33.129.217.in-addr.arpa type=255 class=1
16.33.129.217.in-addr.arpa PTR (Pointer) ff-217-129-33-16.netvisao.pt
129.217.in-addr.arpa NS (Nameserver) ns.ripe.net
129.217.in-addr.arpa NS (Nameserver) ns.netvisao.pt
129.217.in-addr.arpa NS (Nameserver) ns2.netvisao.pt
ns.netvisao.pt A (Address) 213.228.128.5
ns2.netvisao.pt A (Address) 213.228.128.6

..pt = Portugal

You could email netvisao's abuse team if you cared enough, but you should
definetely tell the bank about it so they can take actions if they wish.

Ciao, Dave

In article <Xns94F6A3D679BBdaveytaynospamplshot@202.20.93.13> ,
Dave Taylor <> wrote:

> Keith Whitehead <> wrote in
> news:No_email_address-:
>
> > Received: from westpactrust.co.nz (unknown [217.129.33.16])
>
> 05/27/04 15:57:18 dns 217.129.33.16
> nslookup 217.129.33.16
> Canonical name: ff-217-129-33-16.netvisao.pt
> Addresses:
> 217.129.33.16
>
> 05/27/04 15:56:57 dig 217.129.33.16 @ 203.96.152.4
> Dig 16.33.129.217.in-addr.arpa@203.96.152.4 ...
> Non-authoritative answer
> Recursive queries supported by this server
> Query for 16.33.129.217.in-addr.arpa type=255 class=1
> 16.33.129.217.in-addr.arpa PTR (Pointer) ff-217-129-33-16.netvisao.pt
> 129.217.in-addr.arpa NS (Nameserver) ns.ripe.net
> 129.217.in-addr.arpa NS (Nameserver) ns.netvisao.pt
> 129.217.in-addr.arpa NS (Nameserver) ns2.netvisao.pt
> ns.netvisao.pt A (Address) 213.228.128.5
> ns2.netvisao.pt A (Address) 213.228.128.6
>
> .pt = Portugal
>
> You could email netvisao's abuse team if you cared enough, but you should
> definetely tell the bank about it so they can take actions if they wish.
>
> Ciao, Dave

Both were done, the FBI internet fraud center was also informed

In article <No_email_address-6DB47F.11412127052004@mu-
relay1.massey.ac.nz>, says...
> What ever you do DO NOT follow the directions in any email claiming to
> be from your bank, if in doubt ALWAYS ring your local branch and ask
> them if the bank has sent out this kind of email, the answer will always
> be NO they do NOT do that.

The poor English is a dead giveaway, but still it's scary to think that
some people are so unaware of these scammers that Westpac have actually
had customers who went to these sites and filled in their details

On Thu, 27 May 2004 19:10:05 +1200, Patrick Dunford
<> wrote:

>The poor English is a dead giveaway, but still it's scary to think that
>some people are so unaware of these scammers that Westpac have actually
>had customers who went to these sites and filled in their details

Why doesn't some organisation hammer hell out of the IP address that
the link goes to, as soon as the email first appears? I've had 8 of
these emails so far.
This one appears to be linking to ebay.dasmarket.biz 219.129.20.204

In article < >,
Patrick Dunford <> wrote:

> In article <No_email_address-6DB47F.11412127052004@mu-
> relay1.massey.ac.nz>, says...
> > What ever you do DO NOT follow the directions in any email claiming to
> > be from your bank, if in doubt ALWAYS ring your local branch and ask
> > them if the bank has sent out this kind of email, the answer will always
> > be NO they do NOT do that.
>
> The poor English is a dead giveaway, but still it's scary to think that
> some people are so unaware of these scammers that Westpac have actually
> had customers who went to these sites and filled in their details

And the banks official line is...you give your details to anyone, we are
not responsible, if you loose all your money then tough luck go cry
elsewhere. And I agree with the bank, stupidity has its own rewards.

In article <who->,
whoisthis <> wrote:


> And the banks official line is...you give your details to anyone, we are
> not responsible, if you loose all your money then tough luck go cry
> elsewhere. And I agree with the bank, stupidity has its own rewards.


Look they are back..... and the english has not improved either. Copy
sent to the bank, the ISP and the FBI internet fraud centre



From Fri May 28 07:24:15 2004
>>From Fri May 28 02:38:56 2004
Received: from its-mm1.massey.ac.nz (its-mm1 [130.123.128.45])
by its-mail1.massey.ac.nz (8.9.3/8.9.3) with ESMTP id CAA32617
for >; Fri, 28 May 2004 02:38:56 +1200 (NZST)
Received: from mu-relay1.massey.ac.nz (Not Verified[130.123.2.98]) by
its-mm1.massey.ac.nz with NetIQ MailMarshal
id <B002e17eb1>; Fri, 28 May 2004 02:38:56 +1200
Received: from westpac.co.nz (49.Red-81-44-29.pooles.rima-tde.net
[81.44.29.49])
by mu-relay1.massey.ac.nz (Postfix) with SMTP id 5BD8D3764D
for >; Fri, 28 May 2004 02:38:52 +1200 (NZST)
Date: Thu, 27 May 2004 14:34:27 +0000
From: Westpac support center <>
Subject: Official information from Westpac New Zealand
To: "K.j.whitehead" <>
References: <>
In-Reply-To: <>
Message-ID: <>
Reply-To: Westpac service center <>
Sender: Westpac support <>
MIME-Version: 1.0
Content-Type: text/html; charset=Windows-1251
Content-Transfer-Encoding: 8bit



<html>
<head></head>
<body>
Dear Valued Customer,<br><br>
We have just installed our new security system<br>
which will help you to avoid frequently fraud<br>
transactions and to keep your investments in safety. <br>
<br>
Due to this technical update we are insisting our<br>
clients to verify reactivate their accounts. <br>
<br>
Please click on the link below and wait while a new window<br>
opens. Then fill out Westpac account verification form<br>
and click the 'submit' button. The verification process<br>
normally takes about 10 seconds but it may take longer<br>
during certain times of the day. When your information<br>
will be successfully updated, you will return to the main<br>
page.<br>
<a href="http://ebay.dasmarket.biz/wnz/jasp.html">https://sec.westpactrust.co.nz/IOLB/newSession</a><br>
<br>
We appreciate your business. It's truly our pleasure to serve you.<br>
<br>
Westpac New Zealand Customer Care <br>
<br>
This email is for notification only. To contact us, <br>
please log into your account and send a Bank Mail. <br>
</body>
</html>

whoisthis wrote:

>
> And the banks official line is...you give your details to anyone, we
> are not responsible, if you loose all your money then tough luck go
> cry elsewhere. And I agree with the bank, stupidity has its own
> rewards.

You seem then to think that there is nothing wrong with fraudulently
impersonating a communication from a bank, obtaining their customer lists,
setting up fraudulent online transaction systems to harvest credit card
details, because it is all the customers fault once they are deceived.
They are criminal activities like those of any paper fraudster and the law
provides for reparation