Note that when the VIEW YOUR TRANSACTION button was clicked it resolved to the following false website address : https://blockchaign.info/wallet/#/login.
This is a clear phishing attempt.
When you are asked to login to some website do not open it from the link provided in an email you received, but open the login link you originally received from your service provider!
IF YOU ARE THE ORIGINATOR OF THIS MESSAGE AND CONSIDER IT HAS ERRONEOUSLY BEEN CATALOGUED AS SCAM OR DOUBTFUL, THEN PLEASE EMAIL ME, CONFIRMING THAT YOUR MESSAGE IS HONEST AND FOR REAL.
Tech Info (Original / Source / Etc) :
Return-Path: <vasychin__par_par_ru__gz@jacket.beget.ru>
Delivered-To: MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ
Received: from polar.dnsprotect.com
by polar.dnsprotect.com with LMTP id CHwOO36t61mmmQAAa3LZQA
for <MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ>; Sat, 21 Oct 2017 16:26:38 -0400
Return-path: <vasychin__par_par_ru__gz@jacket.beget.ru>
Envelope-to: MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ
Delivery-date: Sat, 21 Oct 2017 16:26:38 -0400
Received: from m2.jacket.beget.ru ([5.101.152.110]:45181)
by polar.dnsprotect.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.89)
(envelope-from <vasychin__par_par_ru__gz@jacket.beget.ru>)
id 1e60Lt-000AUL-Ap
for MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ; Sat, 21 Oct 2017 16:26:38 -0400
Received: from vasychin (Authenticated sender vasychin@jacket.beget.ru)
by jacket.beget.ru with local (Exim 4.76)
(envelope-from <vasychin__par_par_ru__gz@jacket.beget.ru>)
id 1e60LA-000B2E-Gd
for MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ; Sat, 21 Oct 2017 23:25:52 +0300
To: MY-MAIL-WAS-HERE@SOME-SITE.COMXYZ
Subject: New Payment Received
From: =?utf-8?B?QmxvY2tjaGFpbi5pbmZv?= <xaajgnzd@www.par-par.ru>
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Reply-To: xaajgnzd@www.par-par.ru
X-Mailer: PHP/5.5.38
Message-Id: <E1e60LA-000B2E-Gd@jacket.beget.ru>
Date: Sat, 21 Oct 2017 23:25:52 +0300
Precedence: bulk