RE: TELEX/COMPUTER DEPARTMENT OF THE AFRI BANK, ACCRA- GHANA

MY NAME IS MR.FRANK .E RYAN OF TELEX/COMPUTER DEPARTMENT OF THE AFRI BANK, ACCRA- GHANA. I AM SENDING THIS PRIVATE EMAIL BASED ON THE CONFIDENTIALITY OF THE TRANSACTION. PLEASE, I WILL LIKE TO ADVISE; IF AFTER GOING THROUGH MY PROPOSAL AND YOU DO NOT ACCEPT IT, KINDLY KEEP IT TO YOURSELF.

AS OF THIS MOMENT, I AM STILL IN SERVICE WITH THE AB GHANA. AND I WILL NOT BY ANY MEANS LIKE TO LOSE MY JOB, SO IF YOU ARE NOT INTERESTED, KEEP THIS TO YOURSELF. I HAVE PUT IN OVER 23 YEARS IN THIS BANK BUT I DO NOT HAVE ANYTHING TO SHOW FOR IT. THIS IS JUST MY OPPORTUNITY TO MAKE SURE THAT I GIVE MY CHILDREN A DECENT TRAINING SINCE MY GOVT WHICH IS CORRUPT HAS REFUSED TO TAKE CARE OF ITS RESPONSIBILITY. INFANT I AM SICK AND TIRED OF EVERYTHING HERE AND I NEED TO GET OUT. I FOUND OUT THAT YOU ALMOST MET ALL THE STATUTORY REQUIREMENTS IN RESPECT OF YOUR PAYMENT. PLEASE BE EQUALLY ADVISED THAT NO SECURITY COMPANY IN AFRICA CAN HANDLE YOUR CONTRACT PAYMENT/INHERITANCE FUND WITH ANY BANK WITHOUT THE INSTRUCTIONS OF THE AFI BANK, YOUR PROBLEM IS THAT OF INTEREST GROUP IN THE FEDERAL MINISTRY OF FINANCE THAT IS SUPPOSED TO ORDER TRANSFER OF YOUR FUND WITH THE APPROVAL OF THE AB. A LOT OF PEOPLE ARE INTERESTED IN YOUR PAYMENT AND THAT EXPLAINS WHY YOU RECEIVE EMAILS AND PHONE CALLS FROM DIFFERENT PEOPLE EVERYDAY, THEIR WHOLE GAME PLAN IS TO FRUSTRATE YOU; IN-ORDER FOR YOU TO ABANDON THE PAYMENT AND THEN, THEY WILL BE COMFORTABLE AND BE FREE ENOUGH TO TRANSFER THE FUNDS INTO THEIR OVERSEAS ACCOUNT. THEIR AIM AND TARGET IS NOT THE MONEY YOU ARE GIVING THEM BUT TO FRUSTRATE YOU, HENCE, YOU HAVE LOST TRUST ON WHOM TO BELIEVE TO BE GENUINE. I CAN ASSURE YOU THAT THIS MAY LAST FOR YEARS, YET NOTHING HAPPENS,TO SUM IT UP, I WISH TO ASSURE YOU THAT WITH MY POSITION HERE IN THE TELEX DEPARTMENT, I CAN PUNCH THE COMPUTER AND CREDIT YOUR ACCOUNT STRAIGHT, I CAN ACCOMPLISH THIS UNDER FIVE WORKING DAYS, BUT WE HAVE TO REACH AN AGREEMENT. FIRST OF ALL, YOU HAVE TO LET ME KNOW HOW MUCH YOU WILL GIVE ME AT THE CONSUMMATION OF THIS DEAL. FINALLY, YOU WILL HAVE TO ACCEPT TO KEEP THIS TRANSACTION STRICTLY CONFIDENTIAL IF YOU ACCEPT MY PROPOSAL, KINDLY GET BACK TO ME IMMEDIATELY ON MY PRIVATE MAIL ADDRESS (frankryanbb@outlook.com) AND CONFIRM YOUR PARTICULARS ON REPLY.

REGARDS,

MR.FRANK RYAN
+233-541863101

Email analysis :

NOTE : frankryanbb@outlook.com
NOTE : FRANKMORGAN@AFRIBANK.COM.GH
NOTE : Received : from User (76-8-85-59.dbshosting.com [76.8.85.59])
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.00.2600.0000
NOTE : Mime-Version : 1.0
NOTE : X-Virus-Scanned : by bsmtpd at dbshosting.com
NOTE : Authentication-Results : 76.8.85.230
NOTE : X-Priority : 3
NOTE : Content-Transfer-Encoding : 7bit
NOTE : X-Barracuda-Connect : 76-8-85-59.dbshosting.com[76.8.85.59]

NOTE : Content-Type : text/plain; charset="Windows-1251"

Kindly respond for more detail

Am Gen John W Nicholson Jr. i am with the us army in Camp Abu Naji / FOB Garry Owen (Al Amarah)I need your assistant to move some funds out of Iraq.Kindly respond for more detail

Email analysis :

NOTE : Return-Path :
NOTE : X-Originatingip : 105.225.245.50 (printing)
NOTE : Mime-Version : 1.0
NOTE : smtp.mailfrom=Gen_John@us.army.mil
NOTE : Message-Id : < *.*@mgip.com >
NOTE : X-Mailer : OpenWebMail 2.53
NOTE : X-Col-Mta : smtp.colbd.com
NOTE : X-Col-Mta : dhs01.colbd.net
NOTE : Content-Type : text/plain; charset=utf-8
NOTE : Received-Spf : client-ip=202.65.168.39;
NOTE : Received : from mta.colbd.net (mta.colbd.net. [202.65.168.39])
NOTE : Received : from dhs01.colbd.net (mailx.regentfashion.com [202.65.168.44])
NOTE : Received : from mail.superknittingbd.com (mail.superknittingbd.com [202.65.169.46])
NOTE : Received : from superknittingbd.com (localhost [127.0.0.1] (may be forged))
NOTE : by mail.superknittingbd.com (8.14.4/8.14.4)
NOTE : Kindly respond for more detail

Please Act Accordingly

Dear Beneficiary,

I am Jacob J. Lew, Secretary of the Treasury under the U.S. Department of the Treasury. You can get more details about me here;

https://en.wikipedia.org/wiki/Jack_Lew

At the recently concluded meeting with the World Bank and the United Nations, an agreement was reached between both parties for us to settle all outstanding payments accrued to individuals/corporations with respect to local and overseas contract payment, debt re-scheduling and outstanding compensation payment. Fortunately, you have been selected alongside a few other beneficiaries to receive your own payment of $1.5million (One Million five hundred thousand United States Dollars only). We have been notified that you are yet to receive your fund valued at $1.5million This money will now be transferred to your nominated bank account. You are advised to kindly reply this email with the below details enclosed to help us process your payment;

(1) Full Names:
(2) Residential Address:
(3) Country of Residence:
(4) Age:
(5) Phone/Cell Number:
(6) Occupation:

Yours faithfully,

Jacob J. Lew
Secretary of the Treasury
(U.S. Department of the Treasury)

Note: The information contained in this e-mail is private & confidential and may also be legally privileged. If you are not the intended recipient, please notify us, preferably by e-mail, and do not read, copy or disclose the contents of this message to anyone.

Email analysis :

NOTE : info@usa.gov
NOTE : mrjacklew74@gmail.com
NOTE : X-Authenticated-Sender : vps.massautocomponents.com: info@massautocomponents.com
NOTE : X-Get-Message-Sender-Via : vps.massautocomponents.com:
NOTE : authenticated_id: info@massautocomponents.com
NOTE : Received : from [167.88.9.70] (port=54680 helo=User) by vps.massautocomponents.com

Notification (Phishing Crédit Agricole)

Cher(e) Client(e) :
Nous tenons de vous informer que vous avez un nouveau message.
Pour consulter votre boite de messagerie cliquez sur le lien ci-dessous :

Cliquez ici

Nous vous remercions de votre confiance.

Cordialement
Directeur de la relation clients

Reproduction dûment autorisée depuis www.pcmag.com. © 2016 Ziff Davis, LLC. All rights reserved.

Pour être sûr de recevoir nos e‑mails, ajoutez l’adresse mail@info.adobesystems.com à votre carnet d’adresses, vos contacts ou votre liste d’expéditeurs approuvés.

Email screenshot :

Phishing analysis :

CLICK : Cliquez ici
OPEN : http://hemval.se/media
REDIRECT : http://103.200.5.135/c/0x0/
SCREENSHOT :

FILL : Postal code
CLICK : Arrow
REDIRECT : http://103.200.5.135/c/0x0/auth.php
SCREENSHOT :

CLICK : Confirmer
REDIRECT : https://www.credit-agricole.fr/

Email analysis :

NOTE : "CREDIT AGRlCOLE"@kiabi.com
NOTE : Content-Type : text/html; charset=iso-8859-1
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < kjhsSjd@kiabi.com >
NOTE : Received : from kiabi.com ([84.39.40.155])
NOTE : Received : by kiabi.com (Postfix, from userid 33)
NOTE : X-Php-Originating-Script : 0:Yasodm.php
NOTE : Message-Id : < *.*@kiabi.com >
NOTE : Notification
NOTE : Kiabi.com servers were used to relay this scam.

Update Your Information Account !! (eBay Phishing attempt)

eBay

Account ID: 0073621101

We have reason to believe that your eBay account has been used fraudulently without your permission. In addition, any unauthorized activity, such as buying or selling, has been canceled and any associated fees have been credited to your account. Any listings that we removed are included toward the end of this email. We assure you that your financial information is securely stored on a server and cannot be seen by anyone.

To secure your eBay account, you need to:

1 - Login to your account.
2 - Verify the contact information.
3 - Update your payment informations and other stored information on your eBay account is correct.

For detailed instructions, please visit: www.ebɑy.com/help/account/securing-account-ID-0073621101.html

We appreciate your understanding and thank you for being part of our community.

Regards, eBay

Please don't reply to this message. It was sent from an address that doesn't accept incoming email.

Copyright © 2016.

Phishing analysis :

CLICK : www.ebɑy.com/help/account/securing-account-ID-0073621101.html
OPEN : https://www.secure-account-update-online.aloobein.ga/
REDIRECT : Phishing was removed...

Email analysis :

NOTE : Content-Type : text/html
NOTE : Mime-Version : 1.0
NOTE : X-Get-Message-Sender-Via : cpanel.hostnet.ge: authenticated_id: hostnet/only user confirmed/virtual account not confirmed
NOTE : Return-Path :
NOTE : X-Authenticated-Sender : cpanel.hostnet.ge: hostnet
NOTE : Received : from cpanel.hostnet.ge (cpanel.hostnet.ge. [212.72.155.189])
NOTE : Received : from hostnet by cpanel.hostnet.ge with local (Exim 4.87) (envelope-from < hostnet@cpanel.hostnet.ge >)
NOTE : Message-Id : < *@cpanel.hostnet.ge >
NOTE : smtp.mailfrom=hostnet@cpanel.hostnet.ge
NOTE : Update Your Information Account !!

Phishing attempt on bitcointalk email addresses

Greetings,

We know that some of you have accounts on bitcointalk.org and we wanted to let you know that a phishing attempt was made on bitcointalk email addresses earlier today.
If you received an email with the subject Mtgox.Claim assessment process, delete it and do not click on the link it contains! This email did not come from Kraken, but was spoofed to look as though it came from our support email (support@kraken.com).

We do not know how the bitcointalk email addresses were obtained, however the bitcointalk database has been compromised in the past. You can be assured that this incident was not the result of any breach in Kraken’s database and your personal information with Kraken is safe.

Even if you did receive the email, you are safe so long as you do not click on the link (just delete the email and you will be fine). If you did click on the link and are concerned about it, please contact us at: support@kraken.com.

Stay safe,

The Kraken Team