Share via

Trojan Virus - Attached to Freemail - My Microsoft Credentials?

Derek Barker 0 Reputation points
2024-02-12T02:57:45.79+00:00

Good evening, I have tested my Outlook.com email and I was flagged as Spam. Attaching the report.....it seems I am being forwarded through a SMTP server or something. Can someone confirm? They have accessed my Apple ID, Bank Accounts, Government Accounts, Phone Number, Wifi, ect.
Is this malware ---- I checked the same email address from a College Campus computer, and I received different results. (Below, is the same test, but from my home Wifi) ----- WHY ARE THEY DIFFERENT?

Received: by mail-tester.com (Postfix, from userid 500)
	id 4133AA0A35; Mon, 12 Feb 2024 03:38:10 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mail-tester.com
X-Spam-Level: 
X-Spam-Status: No/0.1/5.0
X-Spam-Test-Scores: DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,
	DKIM_VALID_EF=-0.1,FREEMAIL_ENVFROM_END_DIGIT=0.25,FREEMAIL_FROM=0.001,
	HTML_MESSAGE=0.001,RCVD_IN_MSPIKE_H2=-0.001,SPF_HELO_PASS=-0.001,
	SPF_PASS=-0.001,T_FREEMAIL_DOC_PDF=0.01
X-Spam-Last-External-IP: 40.92.53.33
X-Spam-Last-External-HELO: APC01-SG2-obe.outbound.protection.outlook.com
X-Spam-Last-External-rDNS: mail-sgaapc01olkn2033.outbound.protection.outlook.com
X-Spam-Date-of-Scan: Mon, 12 Feb 2024 03:38:10 +0100
X-Spam-Report: 
	* -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
	*      [40.92.53.33 listed in wl.mailspike.net]
	* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
	* -0.0 SPF_PASS SPF: sender matches SPF record
	*  0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
	*       in digit (mubo33[at]outlook.com)
	*  0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
	*      provider (mubo33[at]outlook.com)
	*  0.0 HTML_MESSAGE BODY: HTML included in message
	* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	*      author's domain
	* -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
	*      envelope-from domain
	*  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
	*       valid
	* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
	*  0.0 T_FREEMAIL_DOC_PDF MS document or PDF attachment, from freemail
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=40.92.53.33; helo=apc01-sg2-obe.outbound.protection.outlook.com; envelope-from=******@outlook.com; receiver=******@srv1.mail-tester.com 
DMARC-Filter: OpenDMARC Filter v1.3.1 mail-tester.com 4EF74A0A84
Authentication-Results: mail-tester.com; dmarc=pass header.from=outlook.com
Authentication-Results: mail-tester.com;
	dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=outlook.com header.i=@outlook.com header.b=SDaa81fL;
	dkim-atps=neutral
Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sgaapc01olkn2033.outbound.protection.outlook.com [40.92.53.33])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail-tester.com (Postfix) with ESMTPS id 4EF74A0A84
	for <******@srv1.mail-tester.com>; Mon, 12 Feb 2024 03:38:07 +0100 (CET)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=IZTaGXdLf71iAJPkvJpjKeEYtmdj6qOHu7BhoXCLFdALQ0wT32OFOEJKItNVACl3iXPIQRbTePIVnmsR6+JnwpMhNenKI0XJNPkWiVk/BTa3SEUuno+CjeheYi3MT8oyzcYnfgdJ/q4coJMCI8d7vcxF64XzUFblyh+8tLoYYxtGfyt/eIZgGms9gy2dmrf29Mtk/aJ/nTicL7DUQZY7lq10cD9UhXfbo10UOv+IJYw+sUZIq+HSh0zUVU4Q8o5R3GtweJVD/a7svCQAlNFCRRMsRSIGc8cHYOMAxlbFTZqAu2Pn98Naz7P04m1iViyX7HUvWz/tvJdtsjRoexKYZA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=JOa94F5jlWZiNROyFxUexT/F3Dnz/XVWsyiJ5Y9ERrE=;
 b=Y+7nR0wUSejx5C5DY030TfOWv2O8BlPQTa+0Z5uDzIcJQvZWagxs6dF6bspu2zZc9Q6i/d9/mUsShXuk1E45RmERxTufsvHUkuNzGZoy6waF8Fk4Q16rvdDZHDIvOqJBPQVj0y9eN6O73Qk7SPdscUpQ5Gsjcapbnx8ND2xhWhIdZ8kaFp57glJoDgKynICHdCAUA6g2IlN2YCpZxq7A89EXXkmUTAvcPZQixsc6GnoDjPya/HAsWOHQfvi0ZoQPwR+VSb3DlPcnsDVZfeG9u0oJt+393e5vqYokin4FMWyswsDJLapWMt/VHtXDl9bJ1hmmkLuUfKBBdLpwKpkVYw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=JOa94F5jlWZiNROyFxUexT/F3Dnz/XVWsyiJ5Y9ERrE=;
 b=SDaa81fLYEKzkkOu8kcug54tL2zHFOfRkJcG90P5jVQ9z0zgYXR1JhcggTSEx2xxobgy7JwyXrtCu/9C7Wc92JW+CpsRYtjJ1Gj8jjS9hVQFlH/YdiC9mKP/0a9dTgZxL8Ci/BchofehWlkY7p1xQf46KodPKsDio1Q6v2ofigN2x7zCj6N/yeiwwhcaFoyfb0U/lmttrMT+omrJBbcDu0NICcw7uwzSjndMAnAqD9w86vUV8dPLR82psN10sRFqPqgib4PyihvDPNYlKuvtJXfBYw3TrhHMKJLfLBJpdgZKpVm1TuBZT9HnhIH0t0BHeDjLAimrXM1mcPNLxfgpAg==
Received: from PUZPR01MB5436.apcprd01.prod.exchangelabs.com
 (2603:1096:301:ee::5) by SI2PR01MB3851.apcprd01.prod.exchangelabs.com
 (2603:1096:4:109::10) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7270.35; Mon, 12 Feb
 2024 02:38:02 +0000
Received: from PUZPR01MB5436.apcprd01.prod.exchangelabs.com
 ([fe80::910:d0cc:bfcb:c50b]) by PUZPR01MB5436.apcprd01.prod.exchangelabs.com
 ([fe80::910:d0cc:bfcb:c50b%4]) with mapi id 15.20.7270.033; Mon, 12 Feb 2024
 02:38:02 +0000
From: Derek Barker <******@outlook.com>
To: "******@srv1.mail-tester.com"
	<******@srv1.mail-tester.com>
Subject: Testing
Thread-Topic: Testing
Thread-Index: AQHaXVxg/C708zziq0+YpE+8TXZ3Tw==
Date: Mon, 12 Feb 2024 02:38:02 +0000
Message-ID:
 <******@PUZPR01MB5436.apcprd01.prod.exchangelabs.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-tmn: [53PRttqOsSUDwwTsATBCC14LHMQdu/WoT6qKlNkLJ0FF+MMbJ44GN0pxJLwblmpk]
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PUZPR01MB5436:EE_|SI2PR01MB3851:EE_
x-ms-office365-filtering-correlation-id: 35ecdaec-e279-4534-07ce-08dc2b73a288
x-ms-exchange-slblob-mailprops:
 ajlDcABzOp4aiWEnmNI/0RpGuS9aIzyEnjUqNub5jcdECpPMgSEMuKauCfJu5NzhYYoUq9nZW5S8ns1wLXDEGbHbd9/6i7kK+YVFGugC5RGxXCPccMZal9XMs331hVkkpYI8UGTVQIdeu41WOGDo8q1UcIY1TJxgIlYUlBmVPpOPcU+0q9h0LrhwMCUwVGpSzG8fE0V6zuE8ZOuEiOERqqprq/pQj40MUjIyliBWxpiW4MztqWw9kCNjRFpsRaakgAnWda1O7R8vlyPXs6bCcnNxTHdUPiwWcxKT9PXJBLlyG5yro3a6KSj7RX55N7hSnF5jGWznz1GdO79Ovj/ePTTilVCBG/K6UVOU+zwNtYJKbiEf95BAB37oEYE7arVPXPM6MEeUNHFE47xXsq6KzeR8RcNzPJ4JUSeYN0zOTmF//CsOJPICtmOhaWhoDeRHANh0+ZfAFbiJN/8AAjYHa6WE1PcQkf/ThbcaH/k/oCICAgM6OiD1ZyZ/4kFqw24fJAkBUhfKPzry3D01Ntd365F8crzagZLxxbSUUsuFIo2LN0oCUnBMiLb1caaSS7Pf/VvCPLdabQ8=
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
 DUa1CH2WqgH0KW1C3Rc7icg+Kji2iTDOdfsVCWEtrjVcu5/I/9X9OYzWx6azvLslV91rhhtoadXMny59z8ItyoFRTMZ2eGxvO2DuRTGslvIn/77AMbingKZA8VZUDfwaZBtKfanmQNTji8j9gy3JV+l25Ny20i3AE3ckKUd+RdVWGYHfOyb5OrQHILMcUhCgO1NNqIY9cC6aJ9dX2pa1dH5qyeattGO8NU6ww4wcSjePglMnbQ55Rp4m0RIepdR/Zogx3MXrjod3WCDKnlDRZHTaa7BJ4H9mjSgVfNF+nt2VSSfDJXgDGXqM1nLgT2SZAQHAZFPQPa4y6Ywz94vZS4bUvy5fEFa5teKgRGrU01yWfcPTuzbmgwb6MhUX3kzjiSP63Bx6gTHT8j1ey3yTbyOjDGO1w3SBdax/YA2JLRpBnS80BK0nYKImhmmivmlXHuEaRt55f0K8G+YvNFBB8cV78fYO+3wyzJL19oKRg5+qjYSwmBpTkjhu+YwiPf4nH2oXUeRTzrb29yw/lDvmUWy0TonlWpqdWLaijGdffX3ORYLXplfXGMnMfYTJjtIzK8rG9/zVMJLPx5rP7JyA4g==
x-ms-exchange-antispam-messagedata-chunkcount: 1
Windows for business | Windows Server | Devices and deployment | Configure application groups
0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.