Phishing email

Phishing email, sender Cedexinvest.com Hosting: nvhserver.com

Subject: Liberty Reserve Service
X-PHP-Script: 72.20.34.206/~cedexinv/procces.php for 125.167.250.141, 125.167.250.141
From: no_reply
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id:
Date: Sun, 25 Apr 2010 16:43:06 +0700
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server13.nvhserver.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [517 513] / [47 12]
X-AntiAbuse: Sender Address Domain - server13.nvhserver.com

Dear Sir or Madam,





===============================

Thank you for using a Liberty Reserve service.

This letter was sent to your Liberty Reserve account.
===============================


As you may have noticed, Liberty Reserve's website was offline or undergoing various software upgrades a few weeks ago because of the need to apply some new security updates to the system. Everything is fine now but we need you to confirm your account with us. Please click on the following link and verify your account info by filling the form. This is done because there is a chance that some accounts do not function properly with the newly updated system and we would like to ensure that you are the genuine holder of the account. In case you don't fill all the fields, and an internal system conflict occurs between your account and system database, your Liberty Reserve account will be locked down for an unknown period of time.
We apologize for any inconvenience this might cause.

Please click on the following link to verify your account:


_http://www.libertyreserve.com/en/customer/login2/account/

Hiden link is:
http://fibertyreserve.com/en/customer/login2/account/

For information and support please e-mail us at support@libertyreserve.com

Thank you.

© 2002 — 2010 Liberty Reserve S.A. All rights reserved.

Phishing site: http://fibertyreserve.com
IP Information for 72.20.34.206
IP Location: United States United States Fullerton Staminus Communications
Resolve Host: server13.nvhserver.com
IP Address: 72.20.34.206
SSL Cert: www.rockfxltd.com SSL Certificate has expired.
Reverse IP: 61 other sites hosted on this server.

Phishing email

Phishing email,

** Liberty Reserve Account Block Notice **

Your account has been blocked due to numerous invalid login attempts. You will be unable to send and receive funds until your account has been activated. Click here to remove block from your account:
-http://www.libertyreserve.com/en/customer/unblock.aspx

hidden link :
_http://www.xjsparts.com.au/images/Libertyreserve.com/qwp/

Failing to unblock your account will result temporary account suspension.
Sincerely, Liberty Reserve Customer Service

If you receive this e-mail
* Do not reply.
* Do not open any attachments. Attachments may contain malicious code that will infect your computer.
* Do not click on any links.
If you clicked on links in a suspicious e-mail or phishing Web site and entered confidential information, change email and passwords and also Lgin PIN and Master Key - immediately

Phishing site: http://www.xjsparts.com.au/
IP Information for 209.25.170.13
IP Location: United States United States Dania Liquidnet Ltd
Resolve Host: supremeserver15.com
SSL Cert: liquidnet ltd. SSL Certificate has expired.
Reverse IP: 649 other sites hosted on this server.