Friday, January 15, 2016

Attention :Email owner

UN/WB/FNG COMPENSATION COMMISSION
OUR REF: UN-FGA/WB4/13
YOUR REF: (UN/WB/FGA). 00/13

Attention :Email owner

Scammed issues has been rectified after UN enquirers meetings with the United States governments council been verified by our regional Intelligence Monitoring Network System Unit, your detail/info among listed individual to be compensated, that were scammed through:(contracts, inheritance overdue payment/next of kin or ATM delivery payment and diplomatic means) transactions. After series of complains from FBI and other security agencies from the various continent against Africa for the rate of scam activities going on in these nations. As you are aware, many foreigners have invested millions of dollars into Africa transactions in hopeless dreams to have none of them become a reality, as directed by Mr. Ban Ki-Moon, we agreed with United States Government that US$2.7,will be paid as compensation to you as one of the victims.

1: Full Name
2: Address
3: Direct Phone (Mobile, Home)
4: Amount that was defrauded from you

UN department of the Compensation Commission United States Region UN/WB/FGA
Contact Person: Dr. Richard James
E-mail: unwbfngcompensationcmmission@gmail.com

Regards,

Arledge T. Marie
Protocol Officer
UN/WB/FNG COMPENSATION COMMISSION

Email analysis :

NOTE : unwbfngcompensationcmmission@gmail.com
NOTE : antaresadm@infovia.com.ar
NOTE : Received : from infovia.com.ar
NOTE : (mail-web-atmail03-mia.terra.com [208.84.242.161])

NOTE : (authenticated user antaresadm!infovialm)
NOTE : by mail-smtp03-mia.tpn.terra.com (Postfix)
NOTE : X-Mailer : TerraMail PHP 5.2

Wilson Jones LOAN OFFER

Good day,

We came across your email address related to private placement and project funding.

This is to inform the general public that we are currently giving out loans at a low interest rate of 5%. If you are interested in applying for a loan, please contact us via our E-mail on: credit_solution1@outlook.com

Email analysis :

NOTE : wilsonjones122@gmail.com

Thursday, January 14, 2016

URGENT RFQ (MORE VIRUS)

Dear Sir,

We sent you an order inquiry last week, but we did not receive any response from your regarding our order.

ATTACHED is a copy of NEW ORDER LIST for December Shipment. Please let me know the availability and your best prices of MATERIALS MARKED IN BLUE.

We will be waiting for your quotation.

Best Regards,
Roy
Al Nasser LLC

Virus analysis :

RFQ NO (14203) JAN DELIVERY ETA ETD PMM 01062016 jpeg1..ace

SHA256 : dacb8ff543c462f954500431f2a795a24ed10fa454cd7f27e3f0f1787dbe58fa
AVG : MSIL9.BEMV
Ad-Aware : Gen:Variant.Zusy.175290
Arcabit : Trojan.Zusy.D2ACBA
Avast : MSIL:Injector-NE [Trj]
BitDefender : Gen:Variant.Zusy.175290
Cyren : W32/Trojan.ZNMT-3910
DrWeb : Trojan.PWS.Siggen1.45471
ESET-NOD32 : a variant of MSIL/Injector.NLR
Emsisoft : Gen:Variant.Zusy.175290 (B)
F-Prot : W32/Trojan3.TDU
F-Secure : Gen:Variant.Zusy.175290
Fortinet : PossibleThreat.P0
GData : Gen:Variant.Zusy.175290
Ikarus : Evilware.Outbreak
Kaspersky : Trojan-PSW.Win32.Tepfer.psxdsw
MicroWorld-eScan : Gen:Variant.Zusy.175290
Microsoft : Trojan:Win32/Dynamer!ac
Panda : Trj/CI.A
Sophos : Mal/DrodAce-A

RFQ#Requirments Quote list ETD 05012015 RFxNumber 6200133094 jpeg2..ace

SHA256 : b7dd4530f2b97c33d1ea6df114d8fd7a9a6c6b1b78288394fbcf175b182e4da0
AVG : MSIL9.BEMV
Ad-Aware : Gen:Variant.Zusy.175290
Arcabit : Trojan.Zusy.D2ACBA
Avast : MSIL:Injector-NE [Trj]
Avira : TR/Dropper.MSIL.242773
BitDefender : Gen:Variant.Zusy.175290
Cyren : W32/Trojan.PNIW-7381
DrWeb : Trojan.PWS.Siggen1.45471
ESET-NOD32 : a variant of MSIL/Injector.NLR
Emsisoft : Gen:Variant.Zusy.175290 (B)
F-Secure : Gen:Variant.Zusy.175290
Fortinet : PossibleThreat.P0
GData : Gen:Variant.Zusy.175290
Ikarus : Evilware.Outbreak
Kaspersky : Trojan-PSW.Win32.Tepfer.psxdsx
MicroWorld-eScan : Gen:Variant.Zusy.175290
Microsoft : Trojan:Win32/Dynamer!ac
Panda : Trj/CI.A
Sophos : Mal/DrodAce-A

Email analysis :

NOTE : brainkings24@gmail.com
NOTE : ecos@atr.ecos.kz
NOTE : Received : from [142.54.171.74] (helo=User)

NOTE : by ecos.kz

Urgent RQF

NOTE : Received : from [142.54.171.74] (helo=User) by ecos.kz

JOHN EMERSON

Attn:

We have deposited the check of your fund ($4.500`000`00USD) through Western Union department after our finally meeting regarding your fund, All you will do is to contact Western Union director Dr.JOHN EMERSON via E-mail: (western286union@gmail.com)He will give you direction on how you will be receiving the funds daily.Remember to send him your Full information to avoid wrong transfer such as,

Receiver's Name_______________
Address: ________________
Country: _____________
Phone Number: _____________

Though, MR JOHN EMERSON has sent $5000 in your name today so contact Dr.kelvin jeo or you call him (+229-68473322)as soon as you receive this email and tell him to give you the Mtcn sender name and question/answer to pick the $5000 Please let us know as soon as you received all your fund,

Best Regards.

Email analysis :

NOTE : western286union@gmail.com
NOTE : commerceau01@gmail.com
NOTE : johnemer@cantv.net
NOTE : Received : from 41.216.48.87 ([41.216.48.87])
NOTE : by webmail-05.datacenter.cha.cantv.net

Scammer's last position :

Mr.Pascal Drissa (Libya Scam)

Good Day,

I am Mr.Pascal Drissa a senior staff with a financial Bank.

I want to let you know that the project is all about the transfer of the sum of US$6.7M which belongs to the late son of Libyan leader
Mr.Mutassim Gaddafi,

you should send your information for more details. I am waiting to hear from you soon.

thanks,
Mr.Pascal Drissa

Email analysis :

NOTE : P_drissa1@yahoo.com
NOTE : d.pascal782@laposte.net
NOTE : Received : by 66.196.81.118;