Wednesday, October 26, 2022

Solde débiteur chez paypal (Arnaque par Spoofing)

Madame, Monsieur,

A la requête de votre créancier, PAYPAL (Europe) SARL & Cie- 22-24
Boulevard ROYAL -L-2449 LUXEMBOURG , dont la Easytransac
est le mandataire, vous êtes redevable de la somme de 53,83 EUR
qui représente l'état débiteur de votre compte PayPal à ce jour.

En vertu du mandat qui nous a été confié par PayPal, dans le
cadre d'un recouvrement amiable nous agissons conformément à la loi du
09/07/1991 (art. 32*). Aucun frais ne vous est réclamé à ce stade de la
procédure.

Nature de la créance : Compte PayPal débiteur
MONTANT TTC : 53,83 EUR
Date de limite de paiement : à réception de ce courrier électronique

A défaut de paiement, nous serons contraints de transmettre votre
dossier à notre service juridique chargé d'engager une procédure
contentieuse à votre encontre, et qui pourra éventuellement saisir le
tribunal afin d'obtenir un titre exécutoire, ce qui ajouterait au
principal de la créance les dommages et intérêts légaux, ainsi que ceux
demandés au titre de l'Article 700 du Nouveau Code de Procédure Civile.

Tout paiement doit être adressé à :
Easytransac
15 Rue Auguste Gervais, 92130 Issy-les-Moulineaux, France

Modes de paiement acceptés :

- par virement bancaire:

NOM: Paypal IE
IBAN: IE43PFSR99107013999485
BIC: PFSRIE21
REFERENCE : DEBIT92037357FR
Montant: 53,88 Euro

Note : il est impossible de répondre à ce message électronique pour
raison de sécurité et de confidentialité des informations vous concernant.
« sauf s'ils concernent un acte dont l'accomplissement est prescrit

par la loi, les frais de recouvrement entrepris sans titre exécutoire
restent à la charge du créancier, toute stipulation contraire est
réputée non écrite. Cependant, le créancier qui justifie du caractère
nécessaire des démarches entreprises pour recouvrer sa créance peut
demander au juge de l'exécution de laisser tout ou partie des frais
ainsi exposés à la charge du débiteur de mauvaise foi. »

Conformément à l'art.27 de la loi n°78-17 d'Informatique et Liberté,
vous disposez d'un droit d'accès et de rectification pour les données
nominatives vous concernant auprès de l'émetteur de la présente.
Easytransac au capital de 3 365 000 EUR
15 Rue Auguste Gervais, 92130 Issy-les-Moulineaux, France

Email analysis :

NOTE : spoofing noreply@recouvrement.com
NOTE : 157.230.106.218
NOTE : recouvrement.com
NOTE : WHOIS recouvrement.com

Domain Name: RECOUVREMENT.COM
Registry Domain ID: 1435933_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.ovh.com
Registrar URL: http://www.ovh.com
Updated Date: 2020-12-21T09:54:06Z
Creation Date: 1998-06-17T04:00:00Z
Registry Expiry Date: 2023-06-16T04:00:00Z
Registrar: OVH sas
Registrar IANA ID: 433
Registrar Abuse Contact Email: abuse@ovh.net
Registrar Abuse Contact Phone: +33.972101007
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: CHLOE.NS.CLOUDFLARE.COM
Name Server: JULIO.NS.CLOUDFLARE.COM
DNSSEC: signedDelegation
DNSSEC DS Data: 2371 13 2 C404DEF0800990F7567A91CBE3B57DBCF85000197A828A351EFB3D2C1968CBB1
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

Monday, October 24, 2022

Project #...

I just want to apologize for any inconvenience this email may cause you. I got your email details on a B2B marketing site, I'm interested in establishing and operating a very lucrative business as a means of achieving a profitable and successful business with you.

I'm actually seeking a potential partner in other to execute the business as it involves an extensive profit. I'm willing to offer 50% of the profit that will be made from the business. Do revert back to me for more details if you are interested in my offer.

Look Forward to your Positive Response
Thanks & Regards,

Email analysis :

NOTE : fengh2989@gmail.com
NOTE : kristinelouhongwei@gmail.com
NOTE : 200.50.166.131 (smtp.cablenet.com.ar)⁩
NOTE : ⁨from ec2-3-67-76-212.eu-central-1.compute.amazonaws.com
NOTE : ([3.67.76.212]:50266 helo=gmail.com

Settle your debt in order to avoid additional fees. (BTC Scam)

Hi there!
Have you seen lately that an email sent by me to you from your own account?
Yeah, that merely concludes that I have gained a complete access to a device of yours.

For the past several months, you were under my close observation.
Still surprised how could that happen? The thing is, your device was infected by a malware from one of adult websites that you lately accessed.
It may seem complicated to you, nevertheless let me try to clear it out to you.

With aid of Trojan Virus, I gained full access to your PC as well as any other device in your possession.
That merely denotes that I am able to see you whenever I like just by turning on the camera and microphone in your PC, while you don't even know about that.
Moreover, I have also obtained your entire contacts list, including your entire correspondence.

Indeed, you wonder, "But my PC is equipped with a valid antivirus, so how could that be possible?
Why haven't I seen any warning?" To be frank, the reply is very straightforward: malware of mine is based on drivers,
whose signatures get updated on 4-hourly basis, causing it to become simply untraceable, and as result leaving your antivirus idle.

I got a video showing the way you are jerking off on my left screen, while on the right screen there is a video that you watched during your masturbation session.
Still unclear how bad that could become? One mouse click is enough to send that video to your entire list of social network, as well as e-mail contacts.
In addition, I can as well provide access to your entire e-mail correspondence as well as messengers that are currently in your use.

All you need to do to in order to avoid that from occurring - transfer $1550 (USD) in Bitcoin equivalent to my Bitcoin address
(if you still don't know how that could be done, just use your browser and key-in: "Buy Bitcoin").

Below is bitcoin address (BTC Wallet) of mine: 16trAbrqfAkfpN2zoJ2gQQdsYebkspgHpQ

Upon getting evidence of payment from your side, I will instantly proceed with removing those videos, and that is all, you won't ever hear about me anymore.
You are left with 2 days (or 48 hours) to perform that transaction.
After opening this e-mail, I will get a notice, which will automatically start my timer countdown.

Any attempts to complain to authorities won't be of any use to you, because this e-mail is simply untraceable, just like Bitcoin ID of mine.
I was working on this for quite an extended period of time; so do not even think that I can make a mistake.

In event that, I occasionally discover that you shared this message with anyone else,
I will straight away proceed with making your video public as stated earlier.

Good luck.

Email analysis :

NOTE : client-ip=190.46.71.143;
NOTE : helo=pc-143-71-46-190.cm.vtr.net

Friday, October 21, 2022

You have outstanding debt. (BTC Scam)

Hello there!

Unfortunately, there are some bad news for you.
Around several months ago I have obtained access to your devices that you were using to browse internet.
Subsequently, I have proceeded with tracking down internet activities of yours.

Below, is the sequence of past events:
In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (*@*).

A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access.
Actually, that was quite simple (because you were clicking the links in inbox emails).
All smart things are quite straightforward. (^-^)

The software of mine allows me to access to all controllers in your devices, such as video camera, microphone and keyboard.
I have managed to download all your personal data, as well as web browsing history and photos to my servers.
I can access all messengers of yours, as well as emails, social networks, contacts list and even chat history.
My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus.

So, by now you should already understand the reason why I remained unnoticed until this very moment...

While collecting your information, I have found out that you are also a huge fan of websites for adults.
You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun.
I have recorded several kinky scenes of yours and montaged some videos, where you reach orgasms while passionately masturbating.

If you still doubt my serious intentions, it only takes couple mouse clicks to share your videos with your friends, relatives and even colleagues.
It is also not a problem for me to allow those vids for access of public as well.
I truly believe, you would not want this to occur, understanding how special are the videos you love watching, (you are clearly aware of that) all that stuff can result in a real disaster for you.

Let's resolve it like this:
All you need is $1450 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all that kinky stuff without delay.
Afterwards, we can pretend that we have never met before. In addition, I assure you that all the harmful software will be deleted from all your devices. Be sure, I keep my promises.

That is quite a fair deal with a low price, bearing in mind that I have spent a lot of effort to go through your profile and traffic for a long period.
If you are unaware how to buy and send bitcoins - it can be easily fixed by searching all related information online.

Below is bitcoin wallet of mine: 17kmbhxxMsrFhmQNim1jbjD6AeBUQ2SbYp

You are given not more than 48 hours after you have opened this email (2 days to be precise).

Below is the list of actions that you should not attempt doing:
Do not attempt to reply my email (the email in your inbox was created by me together with return address).
Do not attempt to call police or any other security services. Moreover, don't even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) - the video of yours will become available to public immediately.
Do not attempt to search for me - there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.

Below is the list of things you don't need to be concerned about:
That I will not receive the money you transferred.
- Don't you worry, I can still track it, after the transaction is successfully completed, because I still monitor all your activities (trojan virus of mine includes a remote-control option, just like TeamViewer).
That I still will make your videos available to public after your money transfer is complete.
- Believe me, it is meaningless for me to keep on making your life complicated. If I indeed wanted to make it happen, it would happen long time ago!

Everything will be carried out based on fairness!

Before I forget...moving forward try not to get involved in this kind of situations anymore!
An advice from me - regularly change all the passwords to your accounts.

Email analysis :

NOTE : client-ip=168.121.75.0; helo=client-75-0.sulcatel.com.br

Nous avons détecté des opérations inhabituelles (Phishing Crédit Mutuel)

Cher client,

Nous avons détecté des opérations inhabituelles se produisaient sur votre espace client, si vous n'êtes pas à l'orgine de ces opérations, connecter vous à votre espace afin de les annuler.

Pour accéder à votre espace client en ligne cliquez sur le lien ci-dessous:

Mon espace client.

Ceci est un message automatique généré par nos serveur, vous pouvez l'ignorer si vous êtes à l'origine de ces opérations.

Service Crédit Mutuel
Merci.

Email analysis :

NOTE : www-data@webmail.unisannio.it
NOTE : ⁨95.110.176.127 ([95.110.176.127])⁩
Phishing analysis :
NOTE : https://musing-jennings.143-198-174-17.plesk.page/mmm/mwed/wdrz/
NOTE : Hacked Plesk interface.