Tuesday, October 20, 2015

ALERT!! COMPROMISED USER (Phishing)

Dear ***@gmail.com

Your EMAIL ACCOUNT HAS BEEN COMPROMISED. You must update it immediately or your account will be closed.

CLICK TO UPDATE [***@gmail.com]

We will not be responsible for any email hacking complains or email retrival malfunction if after this warning no response from you.

Mail Team

Phishing analysis :

CLICK : CLICK TO UPDATE [***@gmail.com]
OPEN : http://www.nowonindia.com/***/general?email=***@gmail.com

Domain analysis :

Domain Name: NOWONINDIA.COM
Registry Domain ID: 1871868589_DOMAIN_COM-VRSN
Registrar WHOIS Server: Whois.bigrock.com
Registrar URL: www.bigrock.com
Updated Date: 2015-03-18T07:33:18Z
Creation Date: 2014-08-20T06:26:59Z
Registrar Registration Expiration Date: 2019-08-20T06:26:59Z
Registrar: BigRock Solutions Ltd
Registrar IANA ID: 1495
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registrant Name: Selvakumar
Registrant Organization: N/A
Registrant Street: 3/43, 3 rd Street, 1 st Sector, K.K.Nagar
Registrant City: Chennai
Registrant State/Province: Other
Registrant Postal Code: 600078
Registrant Country: IN
Registrant Phone: +91.9790987181
Registrant Email: selvakumarinbox@gmail.com
Registry Admin ID:
Admin Name: Selvakumar
Admin Organization: N/A
Admin Street: 3/43, 3 rd Street, 1 st Sector, K.K.Nagar
Admin City: Chennai
Admin State/Province: Other
Admin Postal Code: 600078
Admin Country: IN
Admin Phone: +91.9790987181
Admin Email: selvakumarinbox@gmail.com
Registry Tech ID:
Tech Name: Selvakumar
Tech Organization: N/A
Tech Street: 3/43, 3 rd Street, 1 st Sector, K.K.Nagar
Tech City: Chennai
Tech State/Province: Other
Tech Postal Code: 600078
Tech Country: IN
Tech Phone: +91.9790987181
Tech Email: selvakumarinbox@gmail.com
Name Server: ns1.artwork.mysitehosted.com
Name Server: ns2.artwork.mysitehosted.com
DNSSEC:Unsigned
Registrar Abuse Contact Email: abuse@bigrock.com
Registrar Abuse Contact Phone: +1-888-924-4762

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : cpanel710-mail.newmediaexpress.com designates 203.174.83.148 as permitted sender)
NOTE : authenticated_id: curtis@wantarengineering.com
NOTE : cpanel710-mail.newmediaexpress.com
NOTE : Received : from [91.108.176.111] (port=1169)
NOTE : by cpanel710-mail.newmediaexpress.com with esmtpa (Exim 4.86)
NOTE : client-ip=203.174.83.148;
NOTE : ALERT!! COMPROMISED USER

Attention,

Attention,

We have deposited the check of your fund($7.600`000`00USD)through MONEY GRAM department after our final meeting regarding your fund, All you will
do is to contact money gram director Mr. Peret Eze call +229 68554062 and Email:::::deliverycompany45@yeah.net He will give you direction on how you will be receiving the funds daily.Remember to send him your Full information to avoid wrong transfer such as,

Receiver's Name_______________
Address: ________________
Country: _____________
Phone Number: _____________

Though,Mr. Peret Eze has sent $6000 in your name today so contact Mr. Johnson Robert or you call him as soon as you receive this email and tell him to give you the reference, sender name and question/answer to pick the $6000 Please let us know as soon as you received all your fund,

Best Regards.

MONEY GRAM AGENT

Email analysis :

NOTE : jamesf.entwistl@aol.fr
NOTE : deliverycompany45@yeah.net
NOTE : User-Agent : SquirrelMail/1.4.20
NOTE : 208.118.71.10 (hosted.westworld.ca)
NOTE : Received : from 41.216.50.143
NOTE : (SquirrelMail authenticated user rudy)
NOTE : by 208.118.71.10 with HTTP;

Monday, October 19, 2015

Delivery of your consignment to your door step.

Hello,

This is to inform you that your fund which you have been Processing for some period of years is coming through a Diplomatic means to your door steps in cash, From World Bank Auditor we advise you forward to us your full info to this office, your full name and home address, and your Telephone number also where you want the consignment box to been delivered, and also your International Passport or Drivers' License for Identification. As soon as we receive this information required from you the Consignment box of $8.5m will been send to you immediately and the date of our officer arriving in your Country will be given to you also we wait to hear from you soon with the info needed.
We wait your reply.

Mr. William Dempsey

Email analysis :

NOTE : dempseywilliam24@yahoo.cn
NOTE : rbrtw854@aol.com
NOTE : Received : from User ([74.116.167.51]) by mail02.nextron.com.hk

Make My Last Wish Come True For Good...

Dear Friend,

Goodday to you,it is good to write you this mail from the depth of my heart
with all sincerity and honesty, I am Margret Dotley, A widow to the Late Mr.Dotley,
who was a big business merchant in Europe and Hong Kong,Asia.
I am 60yrs old and I have been diagnosed with Esophageal cancer which has defile
all forms of medical treatment, and right now I have only about a few months to live,
according to my doctors and medical experts,i have finally been transferred to my
hometown and my bad health is gradually terminating my life and right now my days on
earth are numbered and I have not particularly lived my life so well,as I never really cared
for anyone (not even myself) but spending time taking care of the crude oil business my late
husband left behind for me and now it is time to join my late husband in heaven and I have
decided to donate and share my assets and estate to transfer my wealth as alms to the
poor and destitute people in your country and across the nation as I want this to be one of the
last good deeds I do on earth when i die.so that my soul can rest in peace,I believe that you
are the right person to accept and receive this funds,assets and real estate to transfer my wealth
as alms to the poor and destitute people for my last wish to come true and you will also benefit
and be entitled to some part of the funds and assets for yourself and family for doing the good works,
i shall be waiting for your fast reply,so that i can send you more details and information to start.

I await your urgent reply at my private emailbox at: mrs.margaretdotley@qq.com

Warmest Regards
Mrs.Margret Dotley

Email analysis :

NOTE : mrsmargaretdotley@qq.com
NOTE : mrsmargaretdotley@qq.com
NOTE : Received : from unknown (HELO smtp2.marcusevanskl.com) (211.25.238.248)
NOTE : Received : from User ([218.21.230.156]) by KLBDC.ap.menetwork.com

Dear Winner

APPLE iPHONE PRIZE AWARD DEPT.
BONANZA 2015!!!

This is to Notify you has the lucky winner of this year lottery. Your e-mail address attached to ticket number: 7-1-8-36-4-22 under agent ID: 18 and lucky ball number 7363789,which subsequently won you the lottery in the 2nd category. You have therefore been qualified for a lump sum payout of One Millions (£1,000,000) Great British Pounds(GBP) which amounts to $1,500,000.00 (One Million,Five Hundred Thousand United States DOLLARS) in cash, drawn in your favour, as the soul beneficiary and covered with the highest level of Insurance policy called the IRREVOCABLE GUARANTEE OF PAYMENT BOND. Due to mix up of some names and winning number, we ask that you keep your winning information confidential until your claim has been processed and your money remitted to you, in your perspective country. Because this is part of our new security protocol to avoid double claiming and forgery of winners identity in this program by some unscrupulous persons. This lottery was organized by an association of software manufacturers who came together from all parts of Europe including Great Britain,Spain,The Netherlands and Belgium which are the major host countries.All participants were selected through our Microsoft computer ballot draw system, were we extracted over 20,000.00 companies and 3,000,000 individual email addresses and names from all over the world. To begin your lottery claim,you are advised to complete the form below and send back to our fiduciary agent.

NAME:............................................................
AGE:.............................................................
SEX:.............................................................
ADDRESS:.........................................................
EMAIL:...........................................................
TEL.:............................................................
OCCUPATION:......................................................
COUNTRY:.........................................................

please contact your Fiduciary agent below that has been appointed for the processing of your claim with the contact address below:

MR. RUDOLF MAX FISCHER
Email: infoiphoneagent@aol.com
Tel No :+447471617092
FAX :+44-709-287-9581

Please note in order to avoid unnecessary delays and complications please remember to quote your WINNING NUMBER in all correspondence.

Warning: All winners are to claim their winning prize in not later than 1 week (7 days) of their winning notification.
Winners are to contacts us to confirm their winning through the phone number displayed before sending an email.This is done to avoid forgery and impersonation of winners information and ticket number.
This is also to inform winners that there are so many email letter all over the internet faking to be real, so be warred!!!

Note: That you are to respond to all the necessary procedure involved in collecting your prize ,and if you are not interested in claiming your prize,you are advised to draft this office your REFUSAL LETTER indicating that you are not interested in your winning prize and it should be used for the next stake. Furthermore, should there be any change of address do inform our agent as soon as possible.

The Online promotion lottery company is proudly sponsored by a group of successful business men all over the world. Internet draw is held once in a year and it is organized, because we want to encourage the use of Internet around the globe and we are beginning this year with this $1,500,000.00 as it is like a WELCOME TO 2016.

And we are proud to say that over 50 Million DOLLARS are won annually in more than 150 countries worldwide.

We wish you congratulation once again.

Your Sincerely,
Mrs.Becky Owen
For Management

NOTE: ANY BREACH OF CONFIDENTIALITY ON THE PART OF ANY WINNER WILL RESULT TO DISQUALIFICATION!

OUR Executives:
Dr. P. Swier (CEO), Mr. Gerald Goodman (Manager Foreign Operations), Mr. Franklyn Van Der Weijden (Manager Domestic Banking Operations), Dr. James Williams (Director International Credit Department), Mrs. Lonni K Anderson (Legal Representative), Mrs. Lyudmyla Marchukova(Regional Manager), Mr. Stephen Boer (Chairman), Mr. Chris Moritz(International Relation Officer).

Email analysis :

NOTE : web@theorganicgrocer.com.sg
NOTE : phil.parker1960@yahoo.com
NOTE : Received : from theorganicgrocer.com.sg (theorganicgrocer.com.sg [127.0.0.1])
NOTE : by theorganicgrocer.com.sg (Postfix)
NOTE : 128.199.170.159 (theorganicgrocer.com.sg)

Hello Friend,cc

Nashville City Intl. Airport
Address: 1 Terminal Dr, Nashville, TN 37214, United States
Code: BNA
Elevation: 183 m
Phone: +1-336-791-9575
Hours: 6:00 am – 10:00 pm

Hello Friend,cc
I am Eric Leonard, Head of inspection unit, United Nations Inspection Agency, Nashville City International Airport, Tennessee. During our investigation, I discovered an abandoned shipment through a Diplomat from United Kingdom which was transferred from Northwest Florida Beaches Airport to our facility here in Tennessee. When scanned it revealed an undisclosed sum of money in 2 metal trunk boxes weighing approximately 65kg each.

The consignment was abandoned because the content was not properly declared by the consignee as money rather it was declared as personal effect/classified document to either avoid diversion by the Shipping Agent or confiscation by the relevant authorities. The diplomat's inability to pay for non-inspection fees among other things are the reason why the consignment is delayed and abandoned.

Fortunately, my assessment revealed that each of the boxes contains about $4M or more. They are still left in the airport storage facility till today. The Consignments like I said are two metal trunk boxes weighing about 65kg each (Internal dimension: W61 x H156 x D73 (cm) effective capacity: 680 L) Approximately. The details of the consignment including your email on the official document from United Nations' office in London where the shipment was tagged as personal effects/classified document is still available with us. As it stands now, you have to reconfirm your full name, Phone Number, full address so I can cross-check and see if it corresponds with the one on the official documents. It is now left to you to decide if you still need the consignment or allow us repatriate it back to UK (place of origin) as we were instructed.

Like I did say again, the shipper abandoned it and ran away most importantly because he gave a false declaration, he could not pay for the yellow tag, he could not secure a valid non inspection document(s), etc. I am ready to assist you in any way I can for you to get back this packages provided you will also give me something out of it (financial gratification). You can either come in person, or you engage the services of a secure shipping/delivery Company/agent that will provide the necessary security that is required to deliver the package to your doorstep or the destination of your choice. I need the entire guarantee that I can get from you before I can get involved in this project. Remember to re-send your full name, contact address and your private telephone number. Looking forward to your soonest response.

Regards,
Mr. Eric Leonard
United Nations Inspection Agency
Nashville International Airport, TN
Text or call for immediate procedure:+14194691825

Email analysis :

NOTE : Agencymie@cello.ocn.ne.jp
NOTE : ericleonarder@citromail.hu
NOTE : Received : from mzcstore211.ocn.ad.jp (mv-osn-hkg002 [122.28.30.180])
NOTE : by mv-osn-hkg002.ocn.ad.jp (Postfix)
NOTE : X-Originating-Ip : [41.86.234.165]