Friday, January 30, 2015

UPDATE ME

Good Day,

I am Roberto leiro (Esq.). I must solicit your confidence in this transaction; this is by virtue of the nature as being utterly confidential. Though I know that a transaction of this magnitude will make anyone apprehensive and overwhelmed, but I am assuring you that all will be well. The project I am presenting to you is a case of my late client, who willed USD$9.4million to his next-of-kin. It was most unfortunate that he and his next-of-kin died on the same day in an auto-crash; I am now faced with indecision about who to pass the funds to. This email might come as a surprise to you, since there was no previous correspondence between us. My purpose of contacting you is for you to help secure the funds left behind by my late client, to avoid it being confiscated or declared unclaimed by the financial institution. The financial institution has issued me a notice to contact the existing relative on this first quarter of year 2015, less the account will be declared unclaimed and the funds diverted to the financial institution's treasury. So far, all my efforts to get hold of someone related to my late client have proved abortive. I am actually asking for your Consent to present you to the financial institution as the Next of Kin/beneficiary of my late client's fund, so that the proceeds of this will be released to you. I shall provide all the documents to back up the claim as my client's Next of Kin. All I require is your honest co-operation and to enable us to achieve this transaction. I wish to point out that I want 10% of this money to be shared among charity Organizations, while the remaining 90% would be shared equally between us. This transaction is entirely risk free. I will use my position as the client’s attorney to guarantee the successful execution of this transaction.

I need your reply.

Thank You
Roberto leiro (Esq.)
Reply at: robertoleirolinux@linuxmail.org

SINCERELY, GOD BLESS YOU AS YOU HELP

My name is Jeniffer, I am happy to know you, but God knows you better and he knows why he has directed me to you at this point in time so do not be afraid. I saw your contact email at ministries of commerce and foreign trade departments. I am writing this mail to you with heavy sorrow in my heart. And am contacting you because I don’t have any other option than to tell you as I was touched to open up to you, I am with Libyan embassy in London for ten years before he died in the year 2005. We were married for eleven years without a child. He died after a brief illness that lasted for only five days. & I have 8.5 million dollars to transfer to you in charity name to help poor in your place, contact me here. (jenniffer.edward@mail.com)

Sincerely.
Jeniffer Mauller Edward.

jenniffer.edward@mail.com

Saudin Farooq fmf

AUTHORIZATION TO REMIT YOUR FUND
FEDERAL MINISTRY OF FINANCE
128, JAKONDE AVENUE V/ISLAND LAGOS
PO BOX 2704 FEDERAL REPUBLIC OF NIGERIA
COMMITTEE ON FOREIGN PAYMENT
AUTHORIZATION TO REMIT YOUR FUND
Our Ref: RTG /SNT/STB

ATTN: Beneficiary,

We, the entire members of the Federal Ministry of Finance, on behalf of the Federal Republic of Nigeria, under the auspices of the ECOWAS Head of States, comprising 16 countries, these include Nigeria, Ghana, Togo, Benin, Senegal, Mali, Burkina Faso, Cote d’Ivoire and so on, we held a meeting last week concerning payment, both foreign and local contractors/inheritance funds which have been abandoned by our banks in all West African countries. Furthermore, on going through files Friday last week, we discovered that your name and email address was dumped untreated, so at this juncture, we apologize for the delay of your payment and please stop communicating with any office now and attention to this office only for you to receive your payment of $5m (Five Million United States Dollars) accordingly. Now your new Payment Reference No.-35460021, Allocation No: 674632, Password No: 339331, Pin Code No: 55674 and your Certificate of Merit Payment No: 103, Released Code No: 0763; Immediate Telex confirmation No: -1114433; Secret Code No: XXTN013. Having received these vital payment numbers, therefore you are qualified now to receive and confirm. Now you are directed to contact this Office immediately so that we will instruct you on what to do, this is to avoid mistake while transferring your overdue payment. Contact us now for immediate release of your fund and forward your Details to our office to avoid transfer mistake.

Reconfirm to us the following information immediately

Full names:
Current Address:
Mobile:
Occupation:
Your Valid ID Card:
Age:
Nationality:
Next of Kin:

NOTE: We have mounted our security network to monitor every in-coming call, if we still find out that you are still dealing with all those fraudsters that have been frustrating our efforts and defrauding beneficiaries, we shall stop and cancel your payment immediately.

Best Regards

MR. Saudin Farooq
Secretary Resolution Panel on Contract / Inheritance fund Payment
Federal Ministry of finance.
CC: Honorable Minister of Finance
Cc: Senate President.
Cc: All Foreign Payment Offices.
Cc: Board of Directors [Fbg].
Cc: Accountant General Of The Federation
fedminoffinplc@gmail.com
farooqfmfs@yahoo.pt

MR JAMES IBE THE DELIVERY MAN I SENT HAS ARRIVED ,CALL HIM NOW(+16465689774)?

FROM THE EXECUTIVE GOVERNOR,
CENTRAL BANK OF NIGERIA (CBN)
GOV.SANUSI LAMIDO
E-mail: sanusilamido228@yahoo.com.hk

URGENT NOTICE,
ATTENTION: BENEFICIARY

This is to inform you that your delivery man has arrived with your inheritance cash trunk boxes value $8.3 million dollars in John F. Kennedy International Airport New York as their transit. I want you to know that you have 24 hours to call him now with this line (+16465689774) or email (jamesibe18@yahoo.com.ph), then ask to speak to the diplomatic deliveryman in person of Mr. James Ibe in the United States. Let us know if you are still interested to get your two trunk boxes delivered to you today? As he has been waiting to hear from you to enable him get to your home address without missing his way. For your information, the deliveryman with your package is not aware of the content of the boxes for security purpose. Please do not tell him to avoid running away with your funds. On no account should you let him know about the content of the consignment to avoid evil intention. Most importantly you are advised to send your full data to him, which include your Full Name, Current Residential Address, Direct Cell Number, and A copy of any identity card to verify that you are the right receiver to avoid mistakes. Note that you must call me as soon as you receive this email for more discussion. Also reconfirm your full current address and valid phone number to the Delivery officer via his above email address once you receive this email to enable him deliver your cash consignment boxes to your house without any further delay or mistake. You are advised not to waste his time at the airport, so that he would not be stranded in any way because he will return if he finds out that you are not doing anything to get him over to your house.

CONGRATULATIONS.
MALLAM SANUSI LAMIDO AMINU,
EXECUTIVE GOVERNOR,
CENTRAL BANK OF NIGERIA
Gov.inf1@live.com
governorsanusil@yahoo.com.hk

riichardhii

Hello Friend, I am Richard Hii and I am requesting for your partnership in Re-profiling funds with the bank I work in. Contact me for more details (riichardhii@gmail.com)

Regards
Richard Hii

Email analysis :

NOTE : riichardhii@gmail.com
NOTE : test@ECLECTICSL.COM
NOTE : Received : from [221.207.62.202] (port=53335 helo=User)
NOTE : by server.kirokom.com with esmtpa (Exim 4.84)

Fax = Trojan

Fax message (Fax #0086091)

http://79.96.148.163/.~NEW_RECEIVED_FAX/incoming.html
Sent date: Thu, 22 Jan 2015 15:00:49 +0000

Fax message (Fax #0458849)

http://pristineusa.com/~_RECEIVED~FAX~MESSAGES/incoming.html
Sent date: Thu, 22 Jan 2015 15:13:35 +0000

Fax message (Fax #3457735)

http://hifafarah.com/._RECEIVED.MESSAGES/incoming-fax_letter.html
Sent date: Thu, 22 Jan 2015 15:26:03 +0000

Fax message (Fax #4644306)

http://89.161.234.149/-_NEW_RECEIVED.FAX_MESSAGES/incoming.fax~letter.html
Sent date: Thu, 22 Jan 2015 15:08:31 +0000

Fax message (Fax #6410561)

http://www.get-the-best.com/~_RECEIVED.FAX_MESSAGES/incoming.html
Sent date: Thu, 22 Jan 2015 15:16:23 +0000

Email analysis for 5 emails :

NOTE : Received : from unknown (HELO my-fax.com) (85.133.33.10)
NOTE : Received : from unknown (HELO my-fax.com) (40.131.4.2)
NOTE : Received : from unknown (HELO my-fax.com) (91.183.230.243)
NOTE : Received : from unknown (HELO my-fax.com) (66.203.160.26)
NOTE : Received : from unknown (HELO my-fax.com) (64.20.199.98)

pristineusa.com whois :

Registrant Name: PRISTINE SOFTWARE
Registrant Organization: PRISTINE SOFTWARE
Registrant Street: 1411 W. Covell Blvd Ste 106
Registrant City: Davis
Registrant State/Province: CA
Registrant Postal Code: 95616
Registrant Country: US
Registrant Phone: +1.5307584484
Registrant Phone Ext.:
Registrant Fax:
Registrant Fax Ext.:
Registrant Email: mmadani@pristineusa.com

hifafarah.com whois :

Registrant Name: PERFECT PRIVACY, LLC
Registrant Organization:
Registrant Street: 12808 Gran Bay Pkwy West
Registrant City: Jacksonville
Registrant State/Province: FL
Registrant Postal Code: 32258
Registrant Country: US
Registrant Phone: +1.9027492701
Registrant Phone Ext.:
Registrant Fax:
Registrant Fax Ext.:
Registrant Email: 24ebf0cf0a16123311014b9d998ad564@domaindiscreet.com

get-the-best.com whois :

Registry Admin ID:
Admin Name: Lentz, Eduardo
Admin Organization: Get The Best, Inc.
Admin Street: P.O. Box 18630
Admin City: Boulder
Admin State/Province: CO
Admin Postal Code: 80308
Admin Country: US
Admin Phone: (303) 941-2118
Admin Fax: 999 999 9999
Admin Email: gtbusa@IX.NETCOM.COM

Analysis of link

- CLICK LINK
- DOWNLOAD FILE : (fax_message72933.zip)
- EXTRACT FILE : fax_message23055.exe
- PAGE REDIRECTED TO FAX SERVICE WEBSITE.

Analysis of file

ALYac : Trojan.Upatre.J
AVG : Downloader.Generic14.IJZ
AVware : Trojan-Downloader.Win32.Upatre.ao (v)
Ad-Aware : Trojan.Upatre.J
Agnitum : Trojan.Staser!
AhnLab-V3 : Win-Trojan/Downloader.38400.FA
Antiy-AVL : Trojan/Win32.Staser
Avast : Win32:Trojan-gen
Avira : TR/Dldr.Kryptik.pza
BitDefender : Trojan.Upatre.J
ByteHero : Virus.Win32.Heur.c
CAT-QuickHeal : (Suspicious) - DNAScan
Comodo : TrojWare.Win32.TrojanDownloader.Waski.BA
Cyren : W32/Trojan.NMXE-6820
DrWeb : Trojan.Upatre.125
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.Upatre.J (B)
F-Prot : W32/Trojan3.NHH
F-Secure : Trojan-Downloader:W32/Upatre.J
Fortinet : W32/Kryptik.CWCJ!tr
GData : Trojan.Upatre.J
Ikarus : Trojan-Downloader.Waski
Jiangmin : Trojan/Staser.amk
K7AntiVirus : Trojan-Downloader ( 0049d22b1 )
K7GW : Trojan-Downloader ( 0049d22b1 )
Kaspersky : Trojan.Win32.Staser.awvp
Malwarebytes : Trojan.Email.FakeDoc
McAfee : Upatre-FAAJ!3B474BAEAC5F
McAfee-GW-Edition : BehavesLike.Win32.Autorun.nt
MicroWorld-eScan : Trojan.Upatre.J
Microsoft : TrojanDownloader:Win32/Upatre
NANO-Antivirus : Trojan.Win32.Kryptik.dmuguo
Norman : Upatre.FN
Sophos : Troj/Dyreza-AT
Symantec : Downloader.Upatre!gen8
TheHacker : Trojan/Kryptik.cwaa
TotalDefense : Win32/Upatre.IVVGEBC
TrendMicro : TROJ_UPATRE.SMNC
TrendMicro-HouseCall : TROJ_UPATRE.SMNC
VIPRE : Trojan-Downloader.Win32.Upatre.ao (v)
nProtect : Trojan/W32.Agent.38400.XP