Googled the number and email address. no results.
On 9/18/2020 1:55 PM, Chuck McCown wrote:
I would call the number, at least google the number.
Sent from my iPhone
On Sep 18, 2020, at 12:51 PM, Nate Burke <n...@blastcomm.com> wrote:
I got this message to the INFO mailbox of a company we acquired a year ago.
Everything about it says that it's spam, but the headers look legit. Although
the 153.31.119.142 IP address does not exist in the ARIN whois. BGP.he.net
says that it's part of a /17 assigned to the FBI. It has an attached PDF that
I have not yet opened. (file name SBP634366-WOW125412.pdf) I can't imagine
this is anything other than Spam/virus? Is it possible this is how the FBI
Actually sends out things?
What's the best way to open a suspect PDF File?
_____________________
*** CHILD EXPLOITATION ***
Good afternoon - please review the attached administrative subpoena and proceed
accordingly - thank you and have a great weekend!
AS Jennifer L. Isom
FBI Chicago
Violent Crimes Against Children
312-829-5835
---------------------------------------------
Email Headers:
Received: from mx-east-ic.fbi.gov ([153.31.119.142])
Received: from unknown (HELO HQV2-UEMBX-401.fbi.gov) ([10.93.22.26])
by mx-east-ic.fbi.gov with ESMTP; 18 Sep 2020 14:21:58 -0400
Received: from hqv2-uembx-402.FBI.GOV (10.90.70.12) by hqv2-uembx-401.FBI.GOV
(10.90.70.11) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 18 Sep
2020 14:21:57 -0400
Received: from USG02-CY1-obe.outbound.protection.office365.us (10.90.70.8) by
hqv2-uembx-402.FBI.GOV (10.90.70.12) with Microsoft SMTP Server (TLS) id
15.0.1497.2 via Frontend Transport; Fri, 18 Sep 2020 14:21:57 -0400
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=fbi.gov; dmarc=pass action=none header.from=fbi.gov; dkim=pass
header.d=fbi.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=dojfbi.onmicrosoft.com; s=selector1-dojfbi-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=vBv3/mLV7bc3i7PO8fotIxOyxMy562h5qqwbW3309QI=;
b=UqGJLZtTRQr6f1KaIJq/IjMFFc5skaGN4rQQMHgHWUAe4pw963vIjTILv/cQHH1CToFXgXUu980qar5uXnG7TKH5fVRIoVuWxu4VhWEEXZ8ePAQMkWXYdfKuR2NGS3cC3hVoxL6iHi/kXd5CKwbXopVnfiPgDuOFB84Rof0LTHk=
Received: from CY1P110MB0551.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:404::14)
by CY1P110MB0567.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:404::18) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.17; Fri, 18 Sep
2020 18:21:54 +0000
Received: from CY1P110MB0551.NAMP110.PROD.OUTLOOK.COM
([fe80::75b8:922a:1a45:32c0]) by CY1P110MB0551.NAMP110.PROD.OUTLOOK.COM
([fe80::75b8:922a:1a45:32c0%10]) with mapi id 15.20.3391.017; Fri, 18 Sep
2020 18:21:54 +0000
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com