This is a personal email directed to you, My wife and I won a Euromillions of Ј101m Pounds jackpot on October 11, 2011 and we have voluntarily decided to donate the sum of ONE MILLION POUNDS to you as part of our own charity project to improve the lot of 20 lucky individuals all over the world. We believe that this wonderful opportunity came to us from God and we cannot keep it to ourselves alone, If you have received this email then you are one of the lucky recipients and all you have to do is get back to us with your particulars so that we can send your details to the pay-out bank. Please you can verify this by visiting the web pages below to see our interview; http://www.bbc.co.uk/news/uk-england-15253038 https://www.youtube.com/watch?v=UmHXRDHqTZ8&list=PL1HnjGesrLVLGhFrl5nbeC1dcSJ8niqQm Your email address was submitted to my wife and I by the Google Management Team and you received this email because we have listed you as one of the lucky Millionaires and all you have to do is get back to us via e-mail: d.dawes@qq.com kindly sends us the below details so that we can direct you to our pay-out Bank to effect disbursement as soon as possible.
Video from scam :
============
Full Name:
State:
Country:
DOB:
Occupation:
Age:
Bank Name:
Sex:
Mobile/Tel:
Alternative Email:
And one more thing, this donation is made out to you as to enable you strengthen your personal issues and mostly to generously help us extend hands of giving to the less privilege, orphans and charity organizations within your locality. We await your urgent response.
Regards
Dave Dawes
Thursday, September 11, 2014
Tradekey phishing
http://int2.tkcdn.com/lang/en/images/tklogo_log.jpg
Dear Valued Customer,
We received a request to update your account associated with this e-mail address.
This is a request from our server, please follow the instructions below.
Click the link below to continue using our secure server:
https://www.tradekey.com/secure/TID=UPDATE
Thank you for using our services.
http://int2.tkcdn.com/lang/images/iso_horizontal.gif
Privacy Policy - Terms of Use - Intellectual Property Policy
Copyright © 2014 TradeKey.com
Phishing analysis :
=================================================
NOTE : Click https://www.tradekey.com/secure/TID=UPDATE
NOTE : Redirect http://www.onmycloud.fr/libraries/openid/Auth/Yadis/tradekey.com/index.html
NOTE : Validate phishing form
NOTE : Redirect http://www.tradekey.com
=================================================
Mail analysis :
=================================================
NOTE : Received : from mailgate7.iss.soton.ac.uk (mailgate7.iss.soton.ac.uk. [152.78.128.16])
NOTE : Received : from mailgate7.iss.soton.ac.uk (localhost.localdomain [127.0.0.1])
NOTE : Received : from UOS-MSG00037-VS.soton.ac.uk
NOTE : (uos-msg00037-vs.soton.ac.uk [152.78.119.39])
NOTE : by mailgate7.iss.soton.ac.uk (mailgate7.iss.soton.ac.uk [152.78.128.16])
NOTE : envelope-from
NOTE : Received : from User (176.115.143.94)
NOTE : by smtp.soton.ac.uk (152.78.119.39)
NOTE : X-Received : by 10.194.88.138
NOTE : Please contact Serviceline@soton.ac.uk for more information
NOTE : mail2serv@tradekey.com
NOTE : [TradeKey E-mail Notification]
=================================================
Whois analysis :
=================================================
WHOIS Soton.ac.uk :
=================================================
The University of Southampton combines academic excellence with an innovative and entrepreneurial approach to research, supporting a culture that engages...
=================================================
WHOIS onmycloud.fr :
=================================================
nic-hdl: HYGO2-FRNIC
type: ORGANIZATION
contact: HEY YOU GET ON MY CLOUD!
address: HEY YOU GET ON MY CLOUD!
address: 24, rue Danielle Casanova
address: 91330 Yerres
country: FR
phone: +33.6.82.00.63.60
e-mail: jcvareille@onmycloud.fr
registrar: OVH
changed: 08/06/2012 nic@nic.fr
anonymous: NO
obsoleted: NO
source: FRNIC
=================================================
Dear Valued Customer,
We received a request to update your account associated with this e-mail address.
This is a request from our server, please follow the instructions below.
Click the link below to continue using our secure server:
https://www.tradekey.com/secure/TID=UPDATE
Thank you for using our services.
http://int2.tkcdn.com/lang/images/iso_horizontal.gif
Privacy Policy - Terms of Use - Intellectual Property Policy
Copyright © 2014 TradeKey.com
Phishing analysis :
=================================================
NOTE : Click https://www.tradekey.com/secure/TID=UPDATE
NOTE : Redirect http://www.onmycloud.fr/libraries/openid/Auth/Yadis/tradekey.com/index.html
NOTE : Validate phishing form
NOTE : Redirect http://www.tradekey.com
=================================================
Mail analysis :
=================================================
NOTE : Received : from mailgate7.iss.soton.ac.uk (mailgate7.iss.soton.ac.uk. [152.78.128.16])
NOTE : Received : from mailgate7.iss.soton.ac.uk (localhost.localdomain [127.0.0.1])
NOTE : Received : from UOS-MSG00037-VS.soton.ac.uk
NOTE : (uos-msg00037-vs.soton.ac.uk [152.78.119.39])
NOTE : by mailgate7.iss.soton.ac.uk (mailgate7.iss.soton.ac.uk [152.78.128.16])
NOTE : envelope-from
NOTE : Received : from User (176.115.143.94)
NOTE : by smtp.soton.ac.uk (152.78.119.39)
NOTE : X-Received : by 10.194.88.138
NOTE : Please contact Serviceline@soton.ac.uk for more information
NOTE : mail2serv@tradekey.com
NOTE : [TradeKey E-mail Notification]
=================================================
Whois analysis :
=================================================
WHOIS Soton.ac.uk :
=================================================
The University of Southampton combines academic excellence with an innovative and entrepreneurial approach to research, supporting a culture that engages...
=================================================
WHOIS onmycloud.fr :
=================================================
nic-hdl: HYGO2-FRNIC
type: ORGANIZATION
contact: HEY YOU GET ON MY CLOUD!
address: HEY YOU GET ON MY CLOUD!
address: 24, rue Danielle Casanova
address: 91330 Yerres
country: FR
phone: +33.6.82.00.63.60
e-mail: jcvareille@onmycloud.fr
registrar: OVH
changed: 08/06/2012 nic@nic.fr
anonymous: NO
obsoleted: NO
source: FRNIC
=================================================
Rép : Swift Payment Confirmation.
Good day,
I tried calling you, but couldn't reach you, Please find attached swift copy of payment made today, And kindly get back to me with all necessary document for shipment.
7/09/14 14:12:20 LOcalOutAcks-2536-0883793
--------------------Instance Type Transission--------------------
Notification (Transmission) of Original sent to SWFT (ACK) Nerwork Delivcr Status Nerwork Ack
Priorty/Delivcry:
Normal
Swift Lnput:
FIN 103 Single Customer Credit Transfer
Sender:
CORUTZTZXXX
CRDB BANK LIMTTED
DAR ES SALAAMTZ
Receivr :
CITTUS32XXX
CITTBANK N.A
NEW YORK ,NY US
---------------------Message Text--------------------
20:Sender's Reference
986/25LUMUMBA
23B:Bank Operation CodcCRED
32A:Val Dte/Curr/Interbnk Settld Amt
Date:7 September 2014
Currency:USD (US DOLLAR)
50K:Ordering Customer- Name & Address
---------------------Message Text--------------------
{CHK:GDF65HET676F}
PKI Signature: MAC-Equivalcnt
---------------------Intervtions---------------------
Caiegory:Nerwork Report
Creation Time:7/09/14 14:12:20
Application:SWTFT Interface
Operato:Systern
Text{1:G2CORUTZTZAXXX4800211}{5189:1331566}{7761:0}{209267349056400}
Regards
Asjad Sayeed/Northern Tannery
Sent from my iPhone
< TT copy.7z >
Virus Analysis :
AVG Inject2.AUZR 20140911
Ad-Aware Gen:Variant.Zusy.105684 20140911
Avira TR/Betabot.A.178 20140911
Baidu-International Trojan.Win32.Neurevt.aJXs 20140911
BitDefender Gen:Variant.Zusy.105684 20140911
Cyren W32/Ransom.QLKF-8999 20140911
DrWeb Trojan.PWS.Stealer.13199 20140911
ESET-NOD32 a variant of Win32/Injector.BLNI 20140911
Emsisoft Gen:Variant.Zusy.105684 (B) 20140911
F-Secure Gen:Variant.Zusy.105684 20140911
Fortinet W32/Neurevt.API!tr 20140911
GData Gen:Variant.Zusy.105684 20140911
Ikarus Trojan.Crypt 20140911
K7AntiVirus Riskware ( 0040eff71 ) 20140910
K7GW Riskware ( 0040eff71 ) 20140910
Kaspersky Trojan.Win32.Neurevt.api 20140911
Kingsoft VIRUS_UNKNOWN 20140911
MicroWorld-eScan Gen:Variant.Zusy.105684 20140911
NANO-Antivirus Trojan.Win32.Stealer.derrjx 20140911
Panda Trj/CI.A 20140910
Sophos Troj/Inject-BCM 20140911
TrendMicro TROJ_GEN.R00JC0EIA14 20140911
Mail analysis :
NOTE : Received : from ebeautiquestore.com (203.175.170.39)
NOTE : Received : from User (unknown [69.26.211.159]) by ebeautiquestore.com
I tried calling you, but couldn't reach you, Please find attached swift copy of payment made today, And kindly get back to me with all necessary document for shipment.
7/09/14 14:12:20 LOcalOutAcks-2536-0883793
--------------------Instance Type Transission--------------------
Notification (Transmission) of Original sent to SWFT (ACK) Nerwork Delivcr Status Nerwork Ack
Priorty/Delivcry:
Normal
Swift Lnput:
FIN 103 Single Customer Credit Transfer
Sender:
CORUTZTZXXX
CRDB BANK LIMTTED
DAR ES SALAAMTZ
Receivr :
CITTUS32XXX
CITTBANK N.A
NEW YORK ,NY US
---------------------Message Text--------------------
20:Sender's Reference
986/25LUMUMBA
23B:Bank Operation CodcCRED
32A:Val Dte/Curr/Interbnk Settld Amt
Date:7 September 2014
Currency:USD (US DOLLAR)
50K:Ordering Customer- Name & Address
---------------------Message Text--------------------
{CHK:GDF65HET676F}
PKI Signature: MAC-Equivalcnt
---------------------Intervtions---------------------
Caiegory:Nerwork Report
Creation Time:7/09/14 14:12:20
Application:SWTFT Interface
Operato:Systern
Text{1:G2CORUTZTZAXXX4800211}{5189:1331566}{7761:0}{209267349056400}
Regards
Asjad Sayeed/Northern Tannery
Sent from my iPhone
< TT copy.7z >
Virus Analysis :
AVG Inject2.AUZR 20140911
Ad-Aware Gen:Variant.Zusy.105684 20140911
Avira TR/Betabot.A.178 20140911
Baidu-International Trojan.Win32.Neurevt.aJXs 20140911
BitDefender Gen:Variant.Zusy.105684 20140911
Cyren W32/Ransom.QLKF-8999 20140911
DrWeb Trojan.PWS.Stealer.13199 20140911
ESET-NOD32 a variant of Win32/Injector.BLNI 20140911
Emsisoft Gen:Variant.Zusy.105684 (B) 20140911
F-Secure Gen:Variant.Zusy.105684 20140911
Fortinet W32/Neurevt.API!tr 20140911
GData Gen:Variant.Zusy.105684 20140911
Ikarus Trojan.Crypt 20140911
K7AntiVirus Riskware ( 0040eff71 ) 20140910
K7GW Riskware ( 0040eff71 ) 20140910
Kaspersky Trojan.Win32.Neurevt.api 20140911
Kingsoft VIRUS_UNKNOWN 20140911
MicroWorld-eScan Gen:Variant.Zusy.105684 20140911
NANO-Antivirus Trojan.Win32.Stealer.derrjx 20140911
Panda Trj/CI.A 20140910
Sophos Troj/Inject-BCM 20140911
TrendMicro TROJ_GEN.R00JC0EIA14 20140911
Mail analysis :
NOTE : Received : from ebeautiquestore.com (203.175.170.39)
NOTE : Received : from User (unknown [69.26.211.159]) by ebeautiquestore.com
CENTRAL BANK GOVERNOR
THE CENTRAL BANK OF NIGERIA
OFFICE OF THE GOVERNOR
CONTACT Our Ref: CBN/OHG/OXD1/09
Your Ref: ...............
TELEX: CENTRAL BANK.
PAYMENT FILE: CBN/BEN/09.
PAYMENT NOTIFICATION,
Definitely, I know that this letter will be a surprising one to you. Firstly, I will like to introduce my self formally as Mr.Godwin Emefiele, The Executive Governor of The Central Bank of Nigeria (CBN). I am officially contacting you today because your Inheritance Funds were Re-deposited into the "Federal Suspense Account" of CBN Central Bank Of Nigeria last week, because you did not forward your Claim as the Rightful beneficiary Well known to all, The Central Bank of Nigeria is the mother Bank of all commercial Banks here in Nigeria. So has the singular right to carry out this delivery. Really these men were unexpected by me because their visit was impromptu. I had to ask them why they came to see me in person and they said that they were here to collect the Inheritance Bill in Sum of ($5 MILLION USD) which rightfully belongs to you, on your behalf. In respect of your unfinished transaction which you are unable to collect your fund. At this development I asked them who authorized them to come down to Nigeria for the Collection of this Payment and they told me that you asked them to come and collect this Funds on your Behalf. In fact this was the biggest shock that this Bank have ever received so far because your Inheritance Funds is still in the "Federal Suspense Account" of CBN, yet you sent these men to come and collect this Funds on your behalf without notifying us. We in this Bank do not understand why you sent these men to come and Collect your Funds on your behalf. If actually you want them to help you collect your Inheritance Bill Sum, at least you should have informed me as the Executive Governor of this Bank. They actually tendered some Vital Documents, which proved that you actually sent them for the Collection of this Fund. Honestly, it really baffles me that you took such decision without my consent, by and large we still have to consider the fact that as the rightful owner of the fund you still have your own rights too.
Here are the Documents, which they tendered to this Bank:
1. LETTER OF ADMINISTRATION.
2. HIGH COURT INJUNCTION.
3. ORDER TO RELEASE.
Actually, these Documents, which they tendered to this Noble Bank, is a clear Proof that you sent them to Collect this Funds for you. Finally, I told them to come back and they promised to come back. As the Governor of this Noble Bank, I was supposed to Release this Funds to them but I refused to do so because I wanted to hear from you first. Due to the Nature of my job, I will not want to make any mistake in Releasing this Funds to anyone except you whom is the Recognized Bonafide Beneficiary to this Funds. Kindly clarify us on this issue before we make this Payment to these foreigners whom came on your behalf. In receipt of this confidential Letter, you are required to respond immediately to this email : with your full name, address and phone number for reconfirmation and immediate action. However, I want you to know that this fund will reach via bank to bank transfer, neither by any courier nor postage because we found out that there have been much Problems when trying to deliver this via courier services. Moreover the transferring bank will be introduced as soon as we confirmed from you if really you send those men to get your fund on your behalf. I also want you to know that the only fee attach to this fund which you must have to take of is the administrative charges and the paper work $90usd.So be informed.
OFFICIALLY SIGNED.
GOVERNOR OF CENTRAL BANK OF NIGERIA
GOVERNOR GODWIN EMEFIELE
OFFICE OF THE GOVERNOR
CONTACT Our Ref: CBN/OHG/OXD1/09
Your Ref: ...............
TELEX: CENTRAL BANK.
PAYMENT FILE: CBN/BEN/09.
PAYMENT NOTIFICATION,
Definitely, I know that this letter will be a surprising one to you. Firstly, I will like to introduce my self formally as Mr.Godwin Emefiele, The Executive Governor of The Central Bank of Nigeria (CBN). I am officially contacting you today because your Inheritance Funds were Re-deposited into the "Federal Suspense Account" of CBN Central Bank Of Nigeria last week, because you did not forward your Claim as the Rightful beneficiary Well known to all, The Central Bank of Nigeria is the mother Bank of all commercial Banks here in Nigeria. So has the singular right to carry out this delivery. Really these men were unexpected by me because their visit was impromptu. I had to ask them why they came to see me in person and they said that they were here to collect the Inheritance Bill in Sum of ($5 MILLION USD) which rightfully belongs to you, on your behalf. In respect of your unfinished transaction which you are unable to collect your fund. At this development I asked them who authorized them to come down to Nigeria for the Collection of this Payment and they told me that you asked them to come and collect this Funds on your Behalf. In fact this was the biggest shock that this Bank have ever received so far because your Inheritance Funds is still in the "Federal Suspense Account" of CBN, yet you sent these men to come and collect this Funds on your behalf without notifying us. We in this Bank do not understand why you sent these men to come and Collect your Funds on your behalf. If actually you want them to help you collect your Inheritance Bill Sum, at least you should have informed me as the Executive Governor of this Bank. They actually tendered some Vital Documents, which proved that you actually sent them for the Collection of this Fund. Honestly, it really baffles me that you took such decision without my consent, by and large we still have to consider the fact that as the rightful owner of the fund you still have your own rights too.
Here are the Documents, which they tendered to this Bank:
1. LETTER OF ADMINISTRATION.
2. HIGH COURT INJUNCTION.
3. ORDER TO RELEASE.
Actually, these Documents, which they tendered to this Noble Bank, is a clear Proof that you sent them to Collect this Funds for you. Finally, I told them to come back and they promised to come back. As the Governor of this Noble Bank, I was supposed to Release this Funds to them but I refused to do so because I wanted to hear from you first. Due to the Nature of my job, I will not want to make any mistake in Releasing this Funds to anyone except you whom is the Recognized Bonafide Beneficiary to this Funds. Kindly clarify us on this issue before we make this Payment to these foreigners whom came on your behalf. In receipt of this confidential Letter, you are required to respond immediately to this email : with your full name, address and phone number for reconfirmation and immediate action. However, I want you to know that this fund will reach via bank to bank transfer, neither by any courier nor postage because we found out that there have been much Problems when trying to deliver this via courier services. Moreover the transferring bank will be introduced as soon as we confirmed from you if really you send those men to get your fund on your behalf. I also want you to know that the only fee attach to this fund which you must have to take of is the administrative charges and the paper work $90usd.So be informed.
OFFICIALLY SIGNED.
GOVERNOR OF CENTRAL BANK OF NIGERIA
GOVERNOR GODWIN EMEFIELE
DIRECTIVE TO REMIT WITHHELD FUND.
Union Bank of Nigeria
HEAD OFFICE STALLION PLAZA
36, Marina Lagos.
Foreign operation office
Ogundipe Gbolahan David
E-mail: unb.bank@aol.com
Sequel to the directive from the Federal Ministry of Finance to pay your inheritance/contract/lottery sum of $750,000 USD. An ATM Card Number: 5120 8156 1062 5647 worth USD$750,000 has been accredited by the Union bank of Nigeria as part payment of your withheld transfer authorized by the Ministry of Finance. In view of the payment authorization issued by the Federal Ministry of Finance (FMF) in your favour, we request you provide us with the following information for verification and immediate release of your ATM card.
1.Full Name:
2.Phone number:
3.Delivery Address (not postal address):
4.Age:
5.Gender:
6.Occupation:
We undertake that delivery of your ATM card under this notice will be honoured upon completion of the verification/authentication process. Bear in mind that you will pay the courier service charge ($140) being the amount needed to courier your ATM card to your address as we are not authorized to make deductions from your funds. This is the case only when you cannot be present in person in our above office address to pick your ATM card. You are receiving this message as a result of the directive from the Federal Ministry of Finance instructing the Union Bank of Nigeria to release your withheld payment. You will receive your ATM card within 72hrs of receipt of the courier service charge of $140 needed to courier your ATM card to your address. Please note that you have a 7days period to comply with this request, after which non-compliance will attract declaration of your ATM card as unclaimed and funds reverted to the government treasury. Your prompt response is highly anticipated. Please help us to serve you better.
Yours Faithfully,
Ogundipe Gbolahan David
FOREIGN OPERATIONS
HEAD OFFICE STALLION PLAZA
36, Marina Lagos.
Foreign operation office
Ogundipe Gbolahan David
E-mail: unb.bank@aol.com
Sequel to the directive from the Federal Ministry of Finance to pay your inheritance/contract/lottery sum of $750,000 USD. An ATM Card Number: 5120 8156 1062 5647 worth USD$750,000 has been accredited by the Union bank of Nigeria as part payment of your withheld transfer authorized by the Ministry of Finance. In view of the payment authorization issued by the Federal Ministry of Finance (FMF) in your favour, we request you provide us with the following information for verification and immediate release of your ATM card.
1.Full Name:
2.Phone number:
3.Delivery Address (not postal address):
4.Age:
5.Gender:
6.Occupation:
We undertake that delivery of your ATM card under this notice will be honoured upon completion of the verification/authentication process. Bear in mind that you will pay the courier service charge ($140) being the amount needed to courier your ATM card to your address as we are not authorized to make deductions from your funds. This is the case only when you cannot be present in person in our above office address to pick your ATM card. You are receiving this message as a result of the directive from the Federal Ministry of Finance instructing the Union Bank of Nigeria to release your withheld payment. You will receive your ATM card within 72hrs of receipt of the courier service charge of $140 needed to courier your ATM card to your address. Please note that you have a 7days period to comply with this request, after which non-compliance will attract declaration of your ATM card as unclaimed and funds reverted to the government treasury. Your prompt response is highly anticipated. Please help us to serve you better.
Yours Faithfully,
Ogundipe Gbolahan David
FOREIGN OPERATIONS
CORPORATE PARTNER
i am Mr.Lee Pong Hohn, the vice president of GLOBAL TRADERS LIMITED,TOKYO JAPAN.My company deals on the importation and exportation of Pharmaceuticals and Textiles products and raw materials from Japan to America/Canada and theUnited Kingdom. My company is currently recruiting Representatives/Agents that will assist us with some logistics jobs as well as receiving payments on our behalf and remitting back to us. Please contact us for more information if you are interested in being an agent of my company through my email address. Subject to your acceptance of this offer, you shall be given more information about the job and your remuneration. I expect your favorable response.
Regards,
Mr.Lee Pong Hohn.
VICE PRESIDENT
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
Regards,
Mr.Lee Pong Hohn.
VICE PRESIDENT
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
Subscribe to:
Posts (Atom)