Bizarre. Email from Venezuela for a bank in the UK asking you to call an 800 number in the US. :confused: and a member of the FDIC! :confused:

From Alliance & Leicester Commercial Bank
Return-Path: <message.buisiness@alliance-leicester.co.uk>
Received: from 190.200.10.105, Venezuela, Caracas, cantv.net
From: "Alliance & Leicester Commercial Bank" <message.buisiness@alliance-leicester.co.uk>
Subject: Customer database regular maintenance.
Date: Mon, 10 Dec 2007


Dear Alliance & Leicester Business Banking customer,

We are currently performing regular maintenance of our security measures for online banking and customer databases.

We apologize for the inconvenience but your account was randomly selected for verification and you'll be taken through a short authentication process.

To start now please click here.

Please note! If we don't recieve the appropriate account verification within 24 hours since you've got this email your online access can be suspended until further notice. The purpose of this verification is to ensure your account has not been fraudulently used and you're not a victim of identity theft.

Thank you for understanding and helping us improve.

Equal Housing LenderMember FDIC© Copyright 2007 Alliance & Leicester Corporation1-800-REGIONS

I got one too.

From <service@mybusinesbank.co.uk>
X-Originating-IP: [72.1.17.18], UK, Intrahost Ltd.
Return-Path: <service@mybusinesbank.co.uk>
Subject: Security measures for online banking
Date: Fri, 21 Dec 2007

Dear Alliance & Leicester Business Banking customer,

We are currently performing regular maintenance of our security measures for online banking and customer databases. We apologize for the inconvenience but your account was randomly selected for verification and you'll be taken through a short authentication process.

To start now please click here.

Please note! If we don't recieve the appropriate account verification within 24 hours since you've got this email your online access can be suspended until further notice. The purpose of this verification is to ensure your account has not been fraudulently used and you're not a victim of identity theft.

Thank you for understanding and helping us improve.
Equal Housing LenderMember FDIC&#169; Copyright 2007 Alliance & Leicester Corporation1-800-REGIONS


and even funnier was this one:

From Alliance & Leicester Commercial Bank
Return-Path: <message.buisiness@alliance-leicester.co.uk>
Received: from User ([81.149.251.45] UK, BTOpenworld
From: "Alliance & Leicester Commercial Bank" <message.buisiness@alliance-leicester.co.uk>
Subject: You have new message. <---------------superb grammar!
Date: Mon, 10 Dec 2007

Dear Alliance & Leicester Commercial Bank user,
You have 1 new ALERT message
Please login to your Alliance & Leicester Business Banking and visit the Message Center section in order to read the message.

To Login, please click the link below:

Go To Alliance & Leicester Business Banking Online

&#169; 2007 Alliance & Leicester Commercial Bank. All rights reserved

This is humorous, if not a bit bizarre. Alliance & Leicester Commercial Bank is a bank in the UK. Jessica's post says that the bank is a "Member FDIC". The FDIC is is a United States government corporation designed to protect individual bank deposits of customer in the United States, not the UK. The FDIC provides deposit insurance which currently guarantees checking and savings deposits in member banks up to $100,000 per depositor.

I'm sure that UK bank would like to be insured by the American taxpayer but it doesn't work that way. This is just another stupid scammer sending out emails in which he copies and pastes something he finds in a webpage which which he has absolutely no clue whatsoever as to what it means.

I'm sure that UK bank would like to be insured by the American taxpayer
Maybe the Americas would like to help us with Northern Rock?

Not a chance doc!

Return-Path: ~admin@mybusinessbank.co.uk>
Received: from 80.91.89.46, Spain, Huelva, neo-hosting.com
Reply-To: ~admin@mybusinessbank.co.uk>
From: "Alliance and Leicester Commercial Bank"~admin@mybusinessbank.co.uk>
Subject: You have 1 new Message
Date: Wed, 16 Apr


Alliance and Leicester Commercial Bank
16 April 2008,

You have 1 new Message.
CHECK MESSAGE

Check out the latest updates about your e-banking service and take a look at these great offers from Alliance and Leicester Commercial Bank.

Customer Service
Please do not reply to this message.To contact us by phone, please call the number on the home page.

Sincerely,
Alliance and Leicester Commercial Bank Internet Banking.

Received: from shotgunflat.theplanet.host ([74.53.97.162]) by bay0-mc12-f21.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Mon, 17 Nov 2008 05:58:24 -0800
Received: (qmail 32427 invoked from network); 16 Nov 2008 21:53:48 -0500
Received: from cp1324712-a.dbsch1.nb.home.nl (HELO User) (84.27.1.163) by aa.61.354a.static.theplanet.com with SMTP; 16 Nov 2008 21:53:48 -0500

Origin IP Address = 84.27.1.163 = AtHome Benelux IP Management, Gyroscoopweg 90-92, 1042 AX Amsterdam, The Netherlands

From: "Alliance Leicester Bank"~internetbanking@alliance-leicester.co.uk>
Subject: One Security Message
Date: Sun, 16 Nov 2008 18:53:21 -0800
Bcc:
Return-Path: internetbanking@alliance-leicester.co.uk



You have 1 new Security Message Alert!

Log In into your account and resolve the problem.


Click here to Log In "Phishing" link dead - found by hosts after posting in NetCraft and McAfee SiteAdvisor.



Alliance & Leicester Online Service



--------------------------------------------------------------------------------
Alliance & Leicester Security Department

From Alliance & Liecester Plc
Return-Path: <secure.message@alliance-leicester.co.uk>
Received: from 212.241.221.141, U.K., Virtual Hosting VPS, abuse report to [abuse@gxn.net]
Reply-To: "Alliance & Liecester Plc" <secure.message@alliance-leicester.co.uk>
From: "Alliance & Liecester Plc" <secure.message@alliance-leicester.co.uk>
Subject: Secure Message from Alliance & Liecester
Date: Tue, 25 Nov 2008
Organization: Alliance & Liecester Plc


Dear Valued Customer,

You have a new message waiting in your Inbox Folder.

Click here to read.

Best Regards.
Alliance & Leicester Security Department Team.

* Please do not reply to this email as your reply will not be received.
Alliance & Leicester is part of the Santander Group, one of the world's largest banking groups. More information on Banco Santander can be found at www.santander.com


http mybank aliance-leicester co uk.stgsfw7sr.com/index.php is flagged by macafee as a phishing site.

From the mailbag.

From: Alliance & Leicester Bank Plc
Date: 03/12/2008
Subject: Alliance&Leicester Internet Banking Security Upgrade Notification


Dear Valued Customer

We noticed severe numbers of invalid login attempt on your account, due to this reason your customer ID has been revoked.

We have also increased more security on our website so as to put an end to fraudulent activities. In other to use our services, you are advise to re-access your account.

To re-access your account,
http alliance-leicester co uk/customer/index.aspx [This site is dead.]

It's all about your Security.

Management
Alliance & Leicester Bank Plc.

Hi all

I received this email today, it reads as follows:

Alliance & Leicester Business Banking Customer,

Statement Information

Download Balances: https www mybusinessbank co uk cs70_banking/sbb/emea/common/transact/user/statementList/detail?index=0

1108 Current Account -01*******

Statement Number: 22

Opening Balance:****

Closing Balance:****

Download to: https www mybusinessbank co uk cs70_banking/sbb/emea/common/download/user/download

And the headers look like this:

Return-Path: <alc.bank@mybusinessbank.co.uk>
Delivery-Date: Thu, 11 Dec 2008 04:28:09 +0100
Received: from caracas (static-ip-62-75-164-111.inaddr.intergenia.de [62.75.164.111])
by mx.kundenserver.de (node=mxeu0) with ESMTP (Nemesis)
id 0MKpIi-1LAcDf0tsb-000F5b for info@xxxxl.co.uk; Thu, 11 Dec 2008 04:28:09 +0100
Received: (qmail 3573 invoked from network); 11 Dec 2008 02:38:03 +0100
Received: from 62-77-173-51.customer.eircom.net (HELO User) (62.77.173.51)
by static-ip-62-75-164-111.inaddr.intergenia.de with SMTP; 11 Dec 2008 02:38:03 +0100
From: "Alliance & Leicester Commercial Bank"<ALC.bank@mybusinessbank.co.uk>
Subject: Statement Information.
Date: Thu, 11 Dec 2008 01:36:29 -0000
MIME-Version: 1.0
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <0MKpIi-1LAcDf0tsb-000F5b@mx.kundenserver.de>
Envelope-To: info@xxxxx

Regards and stay safe

Thanks KimZ, we'll get to work on it. And especially thanks for the headers.

X-SID-PRA: Alliance & Leicester Bank Plc <onlineservice@alliance-leicester.co.uk>
Received: from User ([212.100.69.11]) (envelope-sender <onlineservice@alliance-leicester.co.uk>) by 61.153.43.246 with ESMTP for <&&&&&&&&&&@hotmail.co.uk>; Tue, 16 Dec 200 18:34:18 +0800

Origin IP Address = 212.100.69.11 = Infoweb Ltd, Ahmed Onibudo St., Victoria Island, Lagos, NIGERIA

From: "Alliance & Leicester Bank Plc"<onlineservice@alliance-leicester.co.uk>
Subject: Alliance & Leicester Internet Banking Security Upgrade Notification
Date: Tue, 16 Dec 2008 02:34:21 -0800
Bcc:
Return-Path: onlineservice@alliance-leicester.co.uk


Please add info@host.alliance-leicester.co.uk
to your address book to ensure delivery


Dear Valued Customer,

We recently have determined that different computers have logged into your Alliance & Leicester account, and multiple password failures were present before the logons.

In this manner for your security, your specified access account has been locked and needs to be reactivated, in order for it to remain active, please Use the link below to proceed and unlock your account.

So we want you to use this oppurtunity to upgrade your account to our new security with the Santander Group, one of the largest banks in the world by market capitalisation.

https://www.mybank.alliance-leicester.co.uk/index.asp?ct=mybankrhnlogin& The site is dead already, havind been flagged by NetCraft, McAfee SiteAdvisor, IE7 and Safari.

By becoming part of the Santander Group, Alliance & Leicester has acquired strong backing, which is crucial in these difficult financial times.

I am convinced that Abbey, Alliance & Leicester and Bradford & Bingley, as part of the Santander Group, will be a leading UK bank focused on giving you great service and value-for-money products.

Yours sincerely,

Chairman, Emilio Botin




This message was sent to you as an Alliance & Leicester customer, to inform you regarding important information about your account.

Please do not reply to this email. It has been sent from an email address that does not accept incoming emails. To contact us, please telephone internet banking on 0844 800 11 44 or textphone 0844 800 50 50 or visit our website
alliance-leicester.co.uk. Calls to 0844 numbers cost 6 pence plus 5 pence per minute from a BT Together landline. Mobile and other providers' charges may vary. Calls are recorded and may be monitored for security, quality control and training purposes.

As an additional security measure every customer email sent to you by
Alliance & Leicester Group will be addressed to you personally. Please report to suspiciousemails@alliance-leicester.co.uk any email which appears to come from Alliance & Leicester but is NOT addressed to you personally.

We will never ask you to supply personal information such as passwords or other security information via email. If you are ever asked to supply this information in any email which appears to come from Alliance & Leicester, please report this to suspiciousemails@alliance-leicester.co.uk.

This email has been sent by Alliance & Leicester plc. Registered Office: Carlton Park, Narborough, Leicester LE19 0AL. Company No. 3263713. Registered in England. Alliance & Leicester plc is authorised and regulated by the Financial Services Authority. Our FSA register number is 189099.

X-SID-PRA: Alliance & Leicester <customer.services@alliance-leicester.co.uk>
Received: from server10.dubhosting.com ([216.131.64.217]) by bay0-mc10-f22.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Fri, 26 Dec 2008 23:40:19 -0800

Origin IP Address = 216.131.64.217 = DubHosting, 72 oldham road, Oldham, Lancashire OL2 8SA, GB

To: ********@hotmail.com
Subject: You have 1 new Security Message Alert!
From: Alliance & Leicester <customer.services@alliance-leicester.co.uk>
Reply-To:
Date: Sat, 27 Dec 2008 06:49:12 +0000
Return-Path: nobody@server10.dubhosting.com



You have 1 new Security Message Alert!

Log In into your account and resolve the problem.


Click here to Log In The Phishing site in the link has been killed by the host. The pages were hacked into an education establishment site in The Philippines, It had been reported to NetCraft, McAfee and IE Phish filter.



Alliance & Leicester.



--------------------------------------------------------------------------------
©Alliance & Leicester Security Department