http://imgur.com/mjIbN3y
收到上述邮件图档+一个.ZIP 档
.ZIP我不敢开 ><
个资法好像有规定发生个资泄漏, 行银要负举证责任, 有疏失就要赔钱哭哭惹
查了一下E_MAIL的表头如下, 看来是从UK寄来的...
Return-Path: <php-mail@WEB205.extendcp.co.uk>
Received: from msa-sms5-4.hinet.net (msa-sms5-4.hinet.net [168.95.7.114])
by msa-smtp4.hinet.net (8.14.2/8.14.2) with ESMTP id u293Xo71024598
for <XXXX.XXXX@msa.hinet.net>; Wed, 9 Mar 2016 11:33:50 +0800 (CST)
Received: from msa.hinet.net (msa-msr20.hinet.net [168.95.6.20])
by msa-sms5-4.hinet.net (8.14.2/8.14.2) with ESMTP id u293XnRh020799
for <XXXX.XXXX@msa.hinet.net>; Wed, 9 Mar 2016 11:33:49 +0800
Received: from mailscan1.extendcp.co.uk (mailscan39.extendcp.co.uk
[176.32.230.33])
by msa.hinet.net (8.14.2/8.14.2) with ESMTP id u293XCYU024973
for <XXXX.XXXX@msa.hinet.net>; Wed, 9 Mar 2016 11:33:38 +0800 (CST)
Received: from mailscanlb0.hi.local ([10.0.44.160] helo=mailscan2.hi.local)
by mailscan-g69.hi.local with esmtp (Exim 4.80.1)
(envelope-from <php-mail@WEB205.extendcp.co.uk>)
id 1adUsS-0005di-IG
for XXXX.XXXX@msa.hinet.net; Wed, 09 Mar 2016 03:33:36 +0000
Received: from mailscanlb0.hi.local ([10.0.44.160] helo=web206.extendcp.co.uk)
by mailscan2.hi.local with esmtp (Exim 4.80.1)
(envelope-from <php-mail@WEB205.extendcp.co.uk>)
id 1adUsQ-0001Ut-4C
for XXXX.XXXX@msa.hinet.net; Wed, 09 Mar 2016 03:33:36 +0000
Received: from WEB205.webhosting.mainnameserver.com ([127.0.0.1]) by
web206.extendcp.co.uk with Microsoft SMTPSVC(7.5.7601.17514);
Wed, 9 Mar 2016 03:33:20 +0000
Date: Wed, 09 Mar 2016 03:33:20 +0000
Subject: Your online bank transfer of billing notifications
To: XXXX.XXXX@msa.hinet.net
MIME-Version: 1.0
From:TCB-BANK <coA033@tcb-bank.com.tw>
Reply-To: TCB-BANK <coA033@tcb-bank.com.tw>
合库加油好吗 QQ
请查照板规10，发文需大于3行50字

快～去～告～

盗什么资？

这完全构不成个资外泄的条件好吗

反串失败

唉，加油点，好吗?

这个 header 唯一跟合库相关的是 from 字段写的是 TCB你知道 from 字段其实用某些发信软件是可以任意写的吗 ?如果内文有写你的个资 (譬如说开头写着你的中文名字) 再来说有个资外泄的嫌疑, 不然都是乱枪打鸟的不然照你这逻辑, 其实我可以告一堆国际性的跨国银行集团因为我也常收到一些银行通知我中奖, 通知我帐号有问题,blah blah..... 等等奇怪的通知信, 问题是我根本没有那些银行帐号啊 XD

回去多念点书 单独只有EMAIL不是个资你可以快跟金管会申诉 真是个资外泄可以让银行赔很多钱就怕你会被打脸打到哭出来