WebMoney Phishing Emails
Recently, you could watch topics on Habré with examples of bad letters from one hosting company, and I want to tell you about bad letters from one payment system.
I know that many Khabrovsk residents have their own WMID in the WebMoney payment system, so I think you will be interested in the example and analysis of my letter ...
Yesterday I was finally lucky and I received a letter that I had heard about many times, but really wanted to see with my own eyes:

Let me explain that the letter was composed very correctly for the average user of the WebMoney system with the expectation of phishing:
From: WebMoney.Passport
Subject: Message from the mail robot of the WebMoney Transfer certification center.
There is also a solid signature:
General Director: Agureev Andrey Vladimirovich.
tel. 7 (495) 727-20-07
e-mail: [email protected]
Mailing address: 14 Silikatny proezd, 14, bld. 2, p. 14
But personally in this letter I was “surprised” by 4 points:
1) I am offered to go through authorization in WM Mini, but for a long time everything has been activated there;
2) I am offered to do this on a second-level domain mini-webmoney.ru, but I know that I need a third-level domain - mini.webmoney.ru;
3) I am invited to do this by the general director from Moscow (guarantee.ru), and my Guarantor is in Kiev (ukrgarant.com), because I live in Ukraine and signed an agreement for servicing my U wallet with him;
4) I was sent a letter to the wrong email address.
Of course, I understand that all the literate people have gathered here, so we’ll climb to look at the headers of the letter:

As you might have guessed, no Webmans smelled of anything there ...
But I was outraged by something else - the scammers wrote this phishing email addressed to me personally!
I can confirm this by analyzing the following points - my name and patronymic indicated in the letter are open only in my WM certificate, so the fraudsters clearly looked at him and saw that I am a system consultant and I have a site on which I advise others, how to deal with scammers. Another indirect proof of their viewing of the site may be the email address to which the letter came from the huiz data.
But, in spite of all this, the scammers had the audacity to send me a “useful” link, apparently, in the expectation that I would not be very attentive.
It is worth mentioning here that letters to other users come with other reasons for authorization in the Mini - WM output, identifier blocking, card verification, etc. Fraudsters act on the situation and the information they have on the victim ...
I can not add that the divorce from Mini is now very popular among scammers, therefore, in order to avoid troubles, it is advisable to turn on this method of management on the system’s security site and install powers of attorney on existing wallets for Classic or Light, and then make an entrance to Mini through Enum or SMS authorization.
Be careful dear friends! If you have any questions, I will be glad to answer them ...