Tuesday, September 1, 2015

Quickly Contact Diplomat Frank Hilton For Your Cash Call +1(951) 263-2316

This Will Be The Last Time I Contact You About Your Compensation Fund.

Central Bank of Nigeria. Investigation has revealed that after all promises to deliver your funds, 1$ has not been paid to you. However, I am glad to inform you of the development of your compensation funds. For your information, your diplomat has arrived at Ontario International Airport, California. You are given 24 hours to confirm your full house/office address and valid phone number to the diplomat named Frank Hilton to enable him to deliver a small box containing the cash amount of (FIVE HUNDRED THOUSAND DOLLARS) to you today. contact

You must contact him now through email:( hilton877@yahoo.se ) or +1(951) 263-2316
Get back to me with update.

CONGRATULATIONS.
DR GODWIN EBELE
GOVERNOR CENTRAL BANK OF NIGERIA

Email analysis :

NOTE : marketing@leku.com
NOTE : hilton877@qq.com
NOTE : Quickly Contact Diplomat Frank Hilton For Your Cash Call +1(951) 263-2316
NOTE : Received : from User (unknown [212.175.165.140]) by mails.leku.com (Postfix)

Payment for driving on toll road, invoice #00000485134 (Virus)

Notice to Appear,

You have not paid for driving on a toll road.
You are kindly asked to service your debt in the shortest time possible.

You can find the invoice in the attachment.

Yours faithfully,
Warren Mccarthy,
E-ZPass Manager.

E-ZPass_Invoice_00000485134.zip

File analysis :

OPEN : E-ZPass_Invoice_00000485134.zip
RESULT : File is a virus.

Virus analysis :

ALYac : JS:Trojan.Crypt.NO
AVware : Malware.JS.Generic (JS)
Ad-Aware : JS:Trojan.Crypt.NO
Arcabit : JS:Trojan.Crypt.NO
Avira : HTML/ExpKit.Gen2
BitDefender : JS:Trojan.Crypt.NO
Comodo : Heur.Dual.Extensions
Cyren : JS/Nemucod.D.gen
DrWeb : SCRIPT.Virus
ESET-NOD32 : JS/TrojanDownloader.Nemucod.AV
Emsisoft : JS:Trojan.Crypt.NO (B)
F-Prot : JS/Nemucod.D.gen
F-Secure : JS:Trojan.Crypt.NO
Fortinet : JS/Nemucod.AJ!tr.dldr
GData : JS:Trojan.Crypt.NO
McAfee : JS/Nemucod.i
MicroWorld-eScan : JS:Trojan.Crypt.NO
Microsoft : TrojanDownloader:JS/Nemucod.P
NANO-Antivirus : Trojan.Script.Agent.dtchtk
Rising : NORMAL:Trojan.DL.Script.JS.Nemucod.b!1616509[F1]
Sophos : Troj/JSDldr-AF
VIPRE : Malware.JS.Generic (JS)
nProtect : JS:Trojan.Crypt.NO

Email analysis :

NOTE : cadaloz@kadir.doyumsuzgeceler.com
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Php-Script : cadaloz.net/post.php for 94.23.148.159
NOTE : Received : from kadir.doyumsuzgeceler.com
NOTE : (37.58.75.120-static.reverse.softlayer.com. [37.58.75.120])

Re : RFQ Confirmation (VIRUS)

Good day,

Pls find attached the Inquiry specification list, kindly send us quotation.

Thanks & Best Regards,
Sashi Ranjan Rath
osco Excellence
Tel 1 (i250) : 870 773210230
Tel 2 (FB250) : 870 773208568
Tel 3 (F-77) : 870 765 091 412
Tel 4 (F-77) : 870 765 091 411
Fax: 870 765091413
Sat C 1 (Tlx): 447703830
Sat C 2 (Tlx): 447703831
Email: ismaelcarrillo_zf@yahoo.com

Order 4223.zip

File analysis :

OPEN : Order 4223.zip
RESULT : File is a virus.

Virus analysis :

SHA256: 387b4893e924421f9e91f1ee2a938b9017fe30f3bfae07abbfbf0d1b121d98fa

Baidu-International : Adware.MSIL.iBryte.DFE
ESET-NOD32 : a variant of MSIL/Kryptik.DFE
Malwarebytes : Trojan.ZBAgent.RNDGen
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Rising : PE:Malware.Generic/QRS!1.9E2D[F1]
Sophos : Mal/Generic-S
Tencent : Win32.Trojan.Inject.Auto

Email analysis :

NOTE : stefano.sambucci@transpacific.com
NOTE : ismaelcarrillo_zf@yahoo.com
NOTE : Received : from so199-177.asiawhere.com (219.84.199.177)
NOTE : Received : from 41.190.2.39 ([41.190.2.39])
NOTE : by webmail.mimifund.com (Horde Framework)
NOTE : User-Agent : Internet Messaging Program (IMP) H3 (4.3.9)
NOTE : Return-Path : < stefano.sambucci@transpacific.com >
NOTE : X-No-Auth : unauthenticated sender

Monday, August 31, 2015

Spam: Unusual Aсtіνitу : ***

Dear *** ,

Recently, there's been activity in your BankOfAmerica account that seems unusual compared to your normal account activities.

Please log in to your BankOfAmerica account to confirm your identity and update your information.

What's going on?

We're concerned that someone is using your BankOfAmerica account without your knowledge. Recent activity from your account seems to have occurred from a suspicious location or under circumstances that may be different than usual.

What to do:

Log in to your BankOfAmerica account as soon as possible.

We may ask you to confirm information you provided when you created your account to make sure you're the account holder.

Phishing analysis :

CLICK : Log in
OPEN : http://www.securityalertbofamofausa.com/page/boa/


Email analysis :

NOTE : admin@kyokuyo-ind.co.th
NOTE : Received : from mail.kyokuyo-ind.co.th ([202.57.154.98])
NOTE : Received : from BEABC ([122.128.109.50]) by mail.kyokuyo-ind.co.th

May the peace of God be with you!

Hello Sir/Madam

I have no other way of communicating with you than to send you this email. I am in despair and my heart is bleeding as I write you this message, which I hope will hold your attention. I am contacting you today because, although it is true that we do not know each other, that does not prevent this gesture on my part. My name is Mr DYMOCK KEITH, born on 22 JUNE 1947 in Brisbane, Australia, but for a particular reason I had to be an adventurer in search of I know not what. The reason that brings me to you is the following: I would like to go through you to carry out a charitable work in your department.
It is a donation of sorts and it amounts to the sum of 650,000 Euro. My marital situation is such that I have no wife and still less any children to whom I could bequeath this inheritance, and I am currently suffering from a throat tumour, so I am condemned to certain death. That is why I would like, freely and out of concern for helping destitute children, to give you this inheritance to carry out this charitable work.

If you agree, I would like to have the following information:

•Your full name
•Your contact details
•Your country
•Your city

I ask you to lend an attentive ear to my proposal, because I am counting on your goodwill and also on the proper use of these funds for this work.

N.B: Next time, write to me at my personal mailbox: dymockkeith@gmail.com

Fraternally

Mr DYMOCK KEITH

Email analysis :

NOTE : X-Origin : 41.216.50.54
NOTE : dymockkeith@gmail.com
NOTE : estacionpetrofesrl@speedy.com.ar
NOTE : Received : from localhost (28v.terra.com [208.84.242.166])
NOTE : (authenticated user estacionpetrofesrl!speedylm)
NOTE : by mail-smtp07-mia.tpn.terra.com
NOTE : (Postfix)

Lucas Ashford

PLEASE SEND YOUR REPLY TO { lucasashford001@hotmail.com }

Hi,

My name is Lucas Ashford, I am working with a Veterinary Company based here in Liverpool, UK. I got your contact during my comprehensive search for a reliable and trustworthy individual/company in your country. I decided to contact you for a business with our company. The company I work with is into manufacturing of Veterinary Medicines, animal food dietary and supplement.

The company procures most of their raw materials from India in past 3 years; there is a chemical which the company used to send me to India to buy. Right now I have been promoted to the post of marketing manager. The company cannot send me to India again; they will send a more junior staff, our Director has asked me for the contact details of the supplier in India. I need a person I will present to the company as the supplier in India, our company will pay some amount in advance to supply the materials upon the verification of the sample of the chemical.

The profit would be shared between you and I on 50-50 basis after the supply. I am looking for a reliable Indian business man that understands the India local language who will assist me in contacting the local dealer of these chemical in India. I don't want to contact them directly because they will take advantage on me; this business is 100% risk free and will be another income generating business outside your specialization. If you are interested to do the business with me, kindly contact me for more details with this ID: (lucasashford001@hotmail.com)

Regards,

Lucas Ashford

Email analysis :

NOTE : Ashford@weboffi433.onmicrosoft.com
NOTE : lucasashford001@hotmail.com
NOTE : Received : from SIXPR01MB048.apcprd01.prod.exchangelabs.com ([169.254.16.200])
NOTE : client-ip=104.47.126.245;