Phishing de AEAT
Han llegado varios estos días … bastante mal hechos, se nota a la distancia.
Return-Path:
Received: from web-relay-20-x176n201.default-host.net (web-relay-20-x176n201.default-host.net [185.234.176.201])
by ns3368849.ip-37-187-89.eu (8.18.1/8.15.2/Debian-22ubuntu3) with ESMTP id 60HKsV1k460495
for
Received: from business-55.default-host.net (business-55.default-host.net [185.104.44.143])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested)
by web-relay-20-x176n201.default-host.net (Postfix) with ESMTPS id 55FDF108057E
for
Received: from business-55.default-host.net (localhost [127.0.0.1])
by business-55.default-host.net (8.15.2/8.15.2) with ESMTP id 60HKsQTs063801
for
Received: (from altepur@localhost)
by business-55.default-host.net (8.15.2/8.15.2/Submit) id 60HKsQjr063790;
Sat, 17 Jan 2026 22:54:26 +0200

Esta vez no esta nada currado … pero aun así la gente sigue picando. Sigo sin entenderlo.