Contact DHL Courier Company for Your CORPORATE VISA CARD (US$2.7Million)

Dear: Beneficiary,

Having reviewed all the obstacles and problems surrounding the transfer of your (US$2.7Million) and your inability to meet up with some charges levied against you due to the past transfer options, We the Board of Directors, Bank Of Africa (BOA) has ordered our Foreign Payment Remittance Unit to issue you a CORPORATE VISA CARD where your payment will be uploaded and today, we got notice that your Payment has been uploaded into this CORPORATE VISA CARD and also have registered it with DHL for delivery.

For your information the delivery charges has been paid and they were supposed to have shipped your packaged ATM CARD but they insisted that you must re-confirm to them your current delivery address to ensure accurate Delivery. MOST IMPORTANT:
Therefore e-mail them with the details below:

1. Full Name:……….
2. Address:…………
3. Telephone Number :…….
4. Country:…………..
5. Occupation:……………
5. Age:…………….
6. Sex:……………..
7. A scan copy of your passport:…..

Dr. lionel zinsou.
DHL Courier Company Benin Republic,
Plot No. 23 Patte D’Oie
03 BP 2147 Cotonou
+229-6225-8909
E-mail (lionelzinsou17@mail.com)

Contact DHL Courier Company for Your CORPORATE VISA CARD (US$2.7Million)

Email analysis :

NOTE : lionelzinsou17@mail.com
NOTE : DHL.@leaf.ocn.ne.jp
NOTE : X-Originating-Ip : [41.138.89.222]

NOTE : lionelzinsou17@mail.com

PAYMENT INSTRUCTION AS NEXT OF KIN

Dear:Sir/Madam,

Compliments of the day to you.

I am Dr. (Mrs.) Dame Patience Jonathan GCFR), wife to the Ex- President of Nigeria who hand over government to an Opposition Government on the 29th of May, 2015. I am contacting you in confidence, and as a means of developing a cordial and fruitful business relationship. I currently have within my reach, the sum of twenty Five million United States Dollars, which I and my children intends to use for investment purposes specifically in your country. This money came as a result of a payback contract deal between my husband and a Russian firm in our country’s multi-Billion Dollar Ajaokuta Steel Plant. The Russian’s returned my husband’s share of US$25,000,000.00 after his hand over to the Opposition Government, and i lodged it in Citibank of London, United Kingdom. Right now, the New government of Muhammadu Buhari has intensified their probe on MY family’s financial resources; frozen all our known local accounts, revoked our oil licenses, pending the outcome of their investigations. In view of these facts, I acted fast to deposited the US$25,000,000.00 in a private security account of which I alone know of it’s existence. I have since declared the security account bankrupt. No record whatsoever exists concerning this money traceable by the new government of Nigeria, because there is no documentation showing that we received the money from Russians. Therefore the current situation in my country concerning government’s attitude towards my family, it has become quite impossible for us to make use of this money within. I thus wish to discretely transfer this money out of London with your help, to be invested in your country (under your professional guidance), and to help start operation in an Oil Refinery which my Husband built in Brazil before 2011 Presidential General election. I shall expect you to contact me urgently to enable us discuss this transaction in details. Perhaps 40% to you and 55% to my family, while 5% goes to any expenses during the transaction, I want you to contact my Personal Attorney Mr.Bello Ali through his below information to direct you on how the Citibank Group of London will release the fund to you.

Moreover,i also want you to fill the appropriate form immediately.

[1] Full Names:_____________
[2] Contact address_________
[3] Direct Telephone No: ____
|4| Occupation : _______

Finally, you are here by advised to call Barrister Bello Ali on his private phone number +2349039563882, to enable him forward your contact information to the Bank for immediate release of the funds as the Next of Kin to my family. PLEASE REPLY TO HIS PRIVATE EMAIL ADDRESS: belloali2001@gmail.com, or bello_ali2016@yahoo.com,to enable him forward to the Citibank of London for the release of the fund.

Best regards,

DR. Mrs. Dame Patience Jonathan.
Wife of Former Nigeria President.
You may call My-Direct No:+2348094254064.

Email analysis :

NOTE : belloali2001@gmail.com
NOTE : dpp@sdfghjiokjhds.onmicrosoft.com
NOTE : PAYMENT INSTRUCTION AS NEXT OF KIN

Vous avez (1) nouveau message (Blockchain Phishing)

Bonjour,

Vous avez (1) nouveaux messages Sur Votre Messagerie.

Consulter Votre Messagerie,

en cliquant Sur Le lien ci-dessous :

Votre Messagerie

Nous vous remercions de votre confiance.

Service BNP PARIBAS Messagerie.

Having technical difficulties or have a comment about the survey? E-mail us

This survey is available for a Iimited time. We apologise if you are unable to participate.

As explained in Apple's privacy policy, we may use your personal information to contact you to participate in market research surveys. Participation in this or any Apple survey is optional. Unsubscribe from surveyshere.

Other Apple links:

Get help Update your info Leave product feedback

TM and copyright © 2015 Apple Inc. 1 Infinite Loop, MS 303-4CA, Cupertino, CA 95014.
All Rights Reserved / Privacy Policy

Email analysis :

NOTE : info@asos.fr
NOTE : oyuioi@asos.fr
NOTE : X-Mailer : PHPMailer [version 1.73]
NOTE : Received : from asos.fr ([166.63.123.197])

Phishing analysis :

CLICK : Votre Messagerie
OPEN : http://vetclinic-24h-mada.com/yguy
RESULT : Phishing was unresponsive...
TRY : http://vetclinic-24h-mada.com/
SCREENSHOT :

RESULT : IS THIS A PHISHING ? YES, THIS IS A BLOCKCHAIN PHISHING !
CLICK : Se Connecter
REDIRECT : https://blockchain.info/

DocuSign Document (Dropbox Phishing)

You have a new file shared with you via Dropbox secure file transfer

Click here to view

Dropbox Pro also comes with
powerful sharing and security features:
scan.28373.pdfPièce jointe.png

Sign in to access shared file

If you prefer not to receive Dropbox newsletters, please go here.
Dropbox, Inc., PO Box 77767, San Francisco, CA 94107 © 2016 Dropbox

Email screenshot :

Email analysis :

NOTE : Temitjcob@mrapesinol.com
NOTE : X-Organization : ykyrhqaxljfo129498
NOTE : staymoola09@maymostfavour.com
NOTE : X-Originating-Ip : [75.148.115.97]

Phishing analysis :

CLICK : Click here to view
OPEN : http://bit.do/b69KJ
RESULT : Phishing was removed...

INVESTNENT BUSINES PLANE

G-Ideas
75, Washington Avenue
Victoria Island Lagos

Dear Sir/madam,

G-Ideas is a financial management company managing the wealth of some persons both in government and outside government. A serving minister who is one of my clients wants to invest and buy some properties overseas has asked me to find someone who would help him to buy properties in choice areas either in Europe, America or Asia.

Details of this business will be given to you if you are interested to serve as our oversea agent.

Yours faithfully,
Gilbert Onwubiko
CEO G-Ideas.

Email analysis :

NOTE : brtbed0211@bol.com.br
NOTE : g-ideas@outlook.com
NOTE : Received : from static-190-24-156-78.static.etb.net.co
NOTE : 190.24.156.78

Atm Visa Card ($20Million).

Please contact Mr. George Bush Email: speedtrust21@outlook.com Phone
Number: +229-9836-4438 with your full address.

Email analysis :

NOTE : Atm Visa Card ($20Million).
NOTE : speedtrust21@outlook.com
NOTE : ginmacc@tin.it
NOTE : Received : from (197.234.219.18)

NOTE : by wmlighttin.pc.tim.it;
NOTE : Content-Type : text/plain;charset="UTF-8"

PLEASE PERMIT ME

Mr. Jimmy Chien
Vice President/Branch Manager
Industrial and Commercial Bank of China (USA) NA
South San Francisco Branch
235 Grand Avenue, Suite No. 101
South San Francisco, CA 94080, USA

Greetings,

I am Mr. Jimmy Chien, Vice President /Branch Manager ICBC South San Francisco Branch here in California. I am contacting you base on my facts finding about your reputationand someone I can trust for this purpose. The content of my email is a bit detailed that is why I first seek your permission, to let you know before emailing my proposal so won't trash it when I do. Please grant me your permission to email you my proposal of which I know will be acceptable to you if you are willing to be honest with me.

Waiting for your response.

Mr. Jimmy Chien,
Vice President/Branch Manager
Industrial and Commercial Bank of China (USA) NA
South San Francisco Branch.

Email analysis :

NOTE : cjimmy160@gmail.com
NOTE : 2055@charter.net
NOTE : Received : from User (localhost.localdomain [127.0.0.1])
NOTE : by gain-nc.amdswireless.com
NOTE : 24.216.88.183 ()

Automated Tax Refund Notification (HMRC Phishing)

If you can't see this message, view it in your browser.

HM Revenue & Customs

After the last calculations of your fiscal activity , we determined that you are aligible to receive a tax refund of 380.01 £.

To access your tax refund, please follow this link

NOTE: A refund can be delayed a variety of reasons , for exemple submitting invalid records or applying after deadline. Revenue and Tax Administrator

HM Revenue & Customs Tax Credit Office
PO Box 1970
L75 1WX.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

Email screenshot :

Email analysis :

NOTE : bruce.stewart.agent@gov.uk
NOTE : X-Barracuda-Url : http://10.10.100.232:8000/cgi-mod/mark.cgi
NOTE : X-Barracuda-Connect : 173-12-155-133-northgulf.hfc.comcastbusiness.net
NOTE : [173.12.155.133]
NOTE : mailhost.towne.com
NOTE : X-Barracuda-Auth-User : besadmin
NOTE : X-Barracuda-Apparent-Source-Ip : 173.12.155.133

NOTE : client-ip=12.200.104.232;

Phishing anaylsis :

CLICK : this link
OPEN : http://educacaoadistancia.blog.br/wp-includes/hmrc/
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/?*
SCREENSHOT :

CLICK : Let Start
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/indentify.php?ip=*
SCREENSHOT :

FILL : FORM
CLICK : Next
SCREENSHOT :

NOTE : LOADING A FAKE REFUND...
CLICK : Start Refund
SCREENSHOT :

SELECT : A bank...
CLICK : Next
SCREENSHOT :

FILL : FORM
CLICK : Continue
SCREENSHOT :

CLICK : Confirm Tax Refund
SCREENSHOT :

REDIRECT : https://www.gov.uk/government/organisations/hm-revenue-customs

I thought you might be interested in this link

Hello!

Hello,

We offer Loan to serious individual or an Organization with low interest rate of 3% PA and maximum with no credit check, Loan period of 10yrs with Option of Rollover up to 2yrs. Loan Amount ranges from $1,000 Minimum up to a maximum of $20 Million with World Class standard facilities to make sure the funds gets to you at ease. all our loans & procedures are approved and qualified by our fully experienced compliance team. Equity Zen financial service has become one of the largest independent loan companies. We have an excellent reputation for the provision of first class financial loan products with exceptional customer service. any interested applicant should contact us to this Email: equityzenfinancialservice@gmail.com

Application Form To Fill Below..

Name:.............
Surname:...................
Gender:.......................
Country:...................
Date of Birth:.........................
Occupation:......................
Purpose for the loan:...................
Phone Number:...................
Loan amount needed:...........................
Duration:.................
Monthly income / annual income:....................

Thank You.

David Rosen

Click here to read the article.

If you have trouble viewing the link, copy and paste the following link into your browser:

http://www.***.com/_layouts/protiviti/emailtofriend.aspx

For more information on Protiviti, visit www.***.com.

Email leak :

calebshmidt13@gmail.com, neilrochford@mail.com, joncolbert62@yahoo.com, fracisb99@gmail.com, red3ds@hotmail.co.uk, abankwater@gmail.com, Ivorstiffun40@gmail.com, peter.larinzsky@mail.com, sanfran_4one9ersfan@yahoo.com, gregory138@outlook.com, elliotcaddy@yahoo.com, barb@excelquest.com, james.sullivan.sykes@gmail.com, craig.dole75@gmail.com, Williamjames@gmx.co.uk, john.smith431221@gmail.com, kevin.pesci.business@gmail.com, scottstorch1@gmail.com, christunstall113@yahoo.com, rngmusick@gmail.com, azzkikkr9000@gmail.com, adz2000sg@gmail.com, jonathanwalker121@gmail.com, martinmcpherson1980@gmail.com, johanna@dollsdancers.fi, jbankwater@gmail.com, andreym56@rothga.com, barrykrunt@gmail.com, cathymullernyc@gmail.com, obrawkins.nathan@gmail.com, christian.lemon@gmx.com, smatz97@gmail.com, Bradymartha55@gmail.com, laja602@outlook.com, booptittybopbop2@gmail.com, ted.sergeant@outlook.com, danielandersonprivate@gmail.com, justcallmeminty@gmail.com, chansenchristine@openmailbox.org, jessie_1186@outlook.com, everyrosehasitsthorn56@gmail.com, kohlmansean@gmail.com, oliverjohnson1979@gmail.com, gabrieler.wall@mail.com, fiets@lunitje.nl, calvinghaggerty@gmail.com, jpistmobank@gmail.com, noradam1@gmx.com, oli.dugmore@gmail.com, clalande1754@gmail.com, trip.jensen@gmail.com, hotsoolahx@yahoo.com, lewis.wake@hotmail.com, Capricehaywood@yahoo.con, thehumanfundfoundation@gmail.com, phyllisf2@comcast.net, benhess777@gmail.com, tellytubbins@gmail.com, michaelkoxlong@hotmail.com, info@waterfrontbarton.co.uk, hydrolichotdog@gmail.com, WilkesHenry@mail.com, josh.lyman432@gmail.com, info@regalcredit.org.uk, stan.bowers@techmarketproviders.com, danyelthefallen@yahoo.com, wilfred.martinson@yahoo.com, chuckaspeer2@gmail.com, melissastuder91@outlook.com, Dumaseura@gmail.com, alexhendrik00@hotmail.com, bgrompton@gmail.com, carlosmalaga2014@gmail.com, Ledbetter.antonio@yahoo.com, aaronthreepwood@gmail.com, david.mirren@gmail.com, sebastianhsh@live.com, rwdawson75@gmail.com, dionspencer230@gmail.com, iainjones2015@gmail.com, Ravensblackrevenge@gmail.com, ferdinand.gash@gmail.com, galtaureus3@gmail.com, bob.grimley1968@gmx.com, marek.folkos@seznam.cz, jonthorton1@gmail.com, rainman9292@gmail.com, vladeemervladimirovich@outlook.com, oliver.queen@dutchmail.com, dos.perros@gmail.com, timmywest88@gmail.com, drjack.johnson@yahoo.com, ericforman67@gmail.com, Amiller12@mail.com, bf.kurtons@gmail.com, jlinker29@outlook.com, lize.daily@gmail.com, mzeegen@outlook.com, gussyginny@gmail.com

Email analysis :

NOTE : equityzenfinancialservice@gmail.com
NOTE : client-ip=157.56.111.247;

DEAR BENEFICIARY

I,m Jeh Charles. Johnson. The secretary of the U.S Department of Homeland security Washington DC. Office Address: 3801 Nebraska Ave NW, Washington, DC 20016, United States. We received a report from ECOWAS that you have an abandoned fund worth $4.5 Million in West Africa. I have instructed ECOWAS and the concerned authorities to bring the consignment box to our Head office in Washington DC. the fund will arrive my office today. I want you to kindly Reconfirm Your Full Name, Current Home Address, Nearest Airport and your Direct Cell Phone # So that arrangement can be made for the delivery of the consignment to your home address. I can be reached at (213)295-1439

I wait to hear from you.

Honorable Jeh C. Johnson
The secretary of
the U.S Department of
Homeland security
Washington DC
Office Address:
3801 Nebraska Ave NW,
Washington, DC 20016,
United States.

Email analysis :

NOTE : www.@grace.ocn.ne.jp
NOTE : jehcharles007@gmail.com
NOTE : X-Originating-Ip : [43.231.232.17]

NOTE : Received : from mf-smf-ucb003.ocn.ad.jp
NOTE : Received : from mzcstore422.ocn.ad.jp
NOTE : client-ip=153.149.230.9;

NOTE : Content-Transfer-Encoding : 7bit

United Nations ATM Card Settlement This Season.

Attention: Beneficiary,

We have been having series of meetings for the passed 1 month now which ended 2 days ago with the Nigeria Government, and the former Secretary-General (Hon. Kofi Annan) to the UNITED NATIONS. Federal Reserve Bank of New York, HSBC Bank of United Kingdom (UK) with the World Bank Officials. This email is for all the people that have not been paid, for their contract/inheritance in any part of the world, the United Nations, Federal Reserve Bank of New York HSBC Bank of United Kingdom (UK) Reserve Bank of Nigeria, with the World Bank officials have agreed to compensate them with the sum of Four Million, Nine Hundred Thousand US Dollars each victim. This includes every foreign contractor that may have not received his or her contract sum and people that have had an unfinished transaction, people who have inheritance to claim or international businesses that failed due to instability of government in some part of World. We found your email address in our list and that is why we are contacting you, these have been agreed upon and have been duly signed.Therefore, we are happy to inform you that your ATM Card Number: 4120 5350 0015 has been approved and upgraded, via ZENITH BANK INT'L in your favor.Meanwhile, your Secret Pin Number will be available as soon as you confirm to us the receipt of your ATM CARD. The ATM Card Value is $6,300,000.00 USD Only. You are advised that a maximum withdrawal value of US$20,000.00 is permitted daily.And its is duly inter-switched and you can make withdrawal in any location of the ATM Center of your choice/nearest to you any where in the world. We have also concluded delivery arrangement with our accredited courier service Company DHL or Fedex to deliver your package to your door step. Be informed that your response would be by telephone or through email Only.Any further delay will be the pleasure of the UNRC to use your fund to help the people who have been displaced in Darfur, Sudan Africa which you can see it in this site http://www.savedarfur.org/ and the Tsunami's victims in Asia. So you are hereby advice to forward to this office Director ATM SWIFT CARD Department Therefore, you should send him your full Name and telephone number/your correct mailing address where you want him to send the ATM to you. Contact Person Apostle Robert Gate immediately for yourATM SWIFT CARD:

Person to Contact Apostle Rolland Eze E-mail: { fundscompenssation@qq.com } We are working according to the constitution binding this committee as well as helping the less privilege through this means. You will be required to contact the above mentioned institution via telephone or email. Hoping to hear from you as soon as you receive your ATM card.

1.YOUR FULL NAME ................
2.PHONE AND FAX NUMBER...............
3.ADDRESS WERE YOU WANT US TO SEND THE ATM CARD...............
4.A Copy Of Your Identity Attached To e-mail

Best Regards,

Mr. Ban-Ki Moon

Email analysis :

NOTE : United Nations ATM Card Settlement This Season.
NOTE : appostles-rolland@mail.com
NOTE : fundscompenssation@qq.com
NOTE : 5.200.37.74 ()
NOTE : Received : from unknown (HELO ps-1c.ru) (5.200.37.74)

no reply (Phishing Crédit Agricole)

Cher(e) abonné(e),

Cet email a été envoyé par l'équipe Crédit Agricole pour vous informer que nous n'avons pas pu traiter votre paiement de facture.

Ceci pourrait être du a l'une ou l'autre des raisons suivantes:

1.Un changement récent de vos informations personnelles. (par exemple : adresse de facturation, téléphone..)

2. Soumission d'informations incorrecte pendant le processus de paiement de facture.

Pour s'assurer que votre service ne soit pas interrompu, nous avons invitons à confirmer et à mettre à jour toutes vos informations de facturation en cliquant ici:

ACCÈS

Votre Service Clients reste à votre écoute 24h/24h, 7J/7.

Cordialement,

Email analysis :

NOTE : no-reply@rdp.fr
NOTE : webmaster@web.pharmalink.cz
NOTE : X-Php-Originating-Script : 33:admin.php
NOTE : Received : by ispc03.suptech.cz (Postfix, from userid 33)

Phishing analysis :

CLICK : ACCÈS
OPEN : http://www.lacurvadeibaci.it/a/Agricole
RESULT : Phishing is unresponsive

Lt Selina Nitra

Hi dear,

you are very nice

I wish i could get to know you for it is my pleasure to have you as my friend for a friend is all about Respect,,,Admiration,contentious and affectionante also friendship is consist of sharing of ideas and showing true affection without cheats,,,lies and betray so can you welcome me, lets get to the ocean of love ?????????????

I am Lt Selina Nitra by name

Email analysis :

NOTE : Hi
NOTE : ltseliinarespect@hotmail.com
NOTE : client-ip=212.82.97.77;

NOTE : Mime-Version : 1.0
NOTE : Received : from jws11193.mail.ir2.yahoo.com
NOTE : by sendmailws168.mail.ir2.yahoo.com

Découvrez le pack PASS. (Phishing Société Générale)

Cliquez-ici pour activer ce service

Si vous ne voulez plus recevoir ce message automatique, connectez-vous à votre espace employeur et modifiez l'option de rappel de déclaration dans la rubrique

Email screenshot :

Email analysis :

NOTE : "SOCIETER GENERALE"@urbanpoint.com
NOTE : Content-Type : text/html; charset=iso-8859-1
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < infox@urbanpoint.com >
NOTE : Received : from urbanpoint.com ([84.39.46.102])
NOTE : Received : by urbanpoint.com
NOTE : X-Php-Originating-Script : 0:xroot.php
NOTE : Message-Id : < *.*@urbanpoint.com >
NOTE : Découvrez le pack PASS.

Phishing analysis :

CLICK : Cliquez-ici pour activer ce service
OPEN : http://www.sanjarfurniture.in/.Signet
RESULT : Phishing was unresponsive. Phishing attempt.

Attention Beneficiary (Moneygram Scam)

MONEY GRAM MONEY TRANSFER OFFICE
ADDRESS: 2225 Osborne Rd, St Marys, GA 31558,, United States.
Hours: OFFICE TEL: (409)3312943) for Call and Text SMS..

Attention Beneficiary !!!!!

The International Monetary Fund Annual Compensation from USA . The International Monetary Fund (IMF) is compensating some 2015 scam victims and your email address was found in the scam victims list. This MoneyGram®office has been mandated by the IMF to transfer your compensation to you via MoneyGram® Money Transfer in USA. However, we have concluded to effect your own payment through MoneyGram® Money Transfer, $2,999USD pay Day until the total sum of $1.5Million is completely transferred to you the receiver. We can't be able to wait or to send the payment with your email address alone instead, we hereby need your information to where we will be sending the funds. You Can Text us and fill below Information Or contact us via email.

(Receivers name)............
(Country)...................... .
( Address)...................... ..........
(Direct Mobile Phone Number).....................
(Your Age........................... .......
(ID copy)............. ..................

Note that your payment files will be returned to the IMF within 2hours if we did not hear from you because this was the instruction given to us by the IMF office here in Georgia, USA. We will start the transfer as soon as we receive your information. You are hereby warned not to communicate or duplicate this message for any reason what so ever because the US FBI is already on trace of the criminals from Africa.

THANKS,

Mr.david johnson.
Money Gram Money Transfer Office.
Address: 2225 Osborne Rd, St Marys, GA 31558,, United States.
Hours: Open today · 8:00 am – 8:00 pm
OFFICE TEL: (409)3312943) for Call and Text SMS.

Email analysis :

NOTE : www.@eos.ocn.ne.jp
NOTE : ubamoneygram48@yahoo.com
NOTE : X-Originating-Ip : [45.55.36.65]

NOTE : X-Remote : 153.149.236.39 (mbkd0338.ocn.ad.jp)

Disposition a propos des preIevements (Phishing Free)

Bonjour,

Probléme de prélvement automatique
Facture n°85450554874

Le virement mensuelle a éte rejetée par votre établissement bancaire.
Afin de régulariser, vous devez impérativment cliquer sur le lien ci-dessous:

Se connecter

En l'absence de confirmation de votre part dans un délai de 48 heurs,nous procéderons à
suspendre définitivment votre abonnement.

Merci de votre confiance

Laurent Biojoux Directeur de la Relation Clients

_______________________________________________________________
Ce courriel vous a été envoyé par un système automatique d'émission de messages.
L'adresse d'émission n'est pas une adresse de courriel classique.
Si vous écrivez à cette adresse, votre message ne sera pas pris en compte

Email screenshot :

Email analysis :

NOTE : sup@free-mob.local
NOTE : Received : from les-gerbilles.com ([46.101.235.47])
NOTE : X-Php-Originating-Script : 0:send.php

Phishing analysis :

CLICK : Se connecter
OPEN : http://pedrofarsian.com/68cdb3cdf1bc804c6488262f57120888/redere
NOTE : REDIRECT

Réf. Mail : n° 11-543167929 (Phishing Free)

Free Mobile

Cher(ère) Freenaute,

Conformément à la facture n° 601805021, établie le 31-05-2016,
nous n'avons pas pu effectuer un prélèvement automatique d'un montant de 2.00 euros
pour le motif suivant :

"Absence de provision ou provision insuffisante."

Afin de régulariser votre situation au plus vite auprès de nos services,
nous vous remercions de bien vouloir nous faire parvenir votre règlement :

- Par carte ,directement en ligne à l'adresse suivante :

Mon espace client

Sans action de votre part, votre ligne sera limitée en émission d'appels.

Nous vous remercions de votre confiance.

Service Free Mobile

Email screenshot :

Email analysis :

NOTE : Received : from mout.kundenserver.de ([212.227.17.10])
NOTE : Mime-Version : 1.0
NOTE : identification-mobile@ovh.com

Phishing analysis :

CLICK : Mon espace client
OPEN : http://www.iab.una.py/images/imagenes/r5/r7.html
REDIRECT : https://gator4258.hostgator.com/~webmasters/compte.mobile.free.fr/cmd/*/moncompte/index.php?clientid=*&default=*
SCREENSHOT :

CLICK : Se connecter
REDIRECT : https://gator4258.hostgator.com/~webmasters/compte.mobile.free.fr/cmd/*/moncompte/index.php?get=error#
SCREENSHOT :

Your unclaimed Bank Draft is ready for delivery. Please read

DHL COURIER SERVICE,
Unit 98, VAUXHALL BRIDGE ROAD, ML4 3NP,
London. UNITED KINGDOM.

Dear Customer!!!

This is to notify you, that your Unclaimed Bank Draft for the sum of ($3.500.000.00 Million Dollars) has finally been signed and approved for express delivery.

Please get back to us for more details on this delivery.

Sir, Chris Walker.
Information Officer.
DHL Courier Management Team,
All rights reserved. 2016.

Email analysis :

NOTE : dhlheadoffice@lycos.com
NOTE : SERVICE.@grace.ocn.ne.jp
NOTE : X-Originating-Ip : [23.247.147.2]
NOTE : Received : from mzcstore422.ocn.ad.jp
NOTE : (mz-fcb422p.ocn.ad.jp [153.149.245.37])

Information from Samsung Group

Congratulations....your profile was among the lucky winners who won the sum of $800,000.00 and Samsung Galaxy s7 from our company Samsung ...

Email analysis :

NOTE : samsung@deliveryman.com
NOTE : osesespelltemple@gmail.com
NOTE : out..drofemospelltemple@gmail.com
NOTE : franknelson079@gmail.com
NOTE : randywilsonCEO@gmail.com
NOTE : azuumaspelltemple@gmail.com
NOTE : Azuumaspelltemple@mail.com
NOTE : osesespelltemple@gmaill.com
NOTE : doeaf01@yahoo.com
NOTE : neways103@hushmail.com
NOTE : Received : by svr1.schoolspace.co
NOTE : X-Mailer : belgium-observatory.aldoproject.eu
NOTE : Received : from svr1.schoolspace.co ([78.137.168.120])

PCH Notification.

Your Email address Won: $1,000,000.00USD on the Publishers Clearance House Awards {PCHA}. Contact Mrs. Elizabeth Hanks on Email: elizabethhanks45@gmail.com for claim.

Email analysis :

NOTE : LPennock@madisoncollege.edu
NOTE : elizabethhanks45@gmail.com
NOTE : 160.152.9.125

NOTE : Thread-Topic : PCH Notification.

CONTACT WESTERN UNION

Good day, We have concluded to Send your payment through western union $7,000.00 daily until the ($3.2MILLION ) is completely transfered. Meanwhile,MR Gabriel Duke has Send you $5,000.00 in your name today. So contact our western union payment Agent to SEND you the mtcn to pick up this $5000 now: CONTACT PERSON: Mr.Peter Charles Cell Phone+229 98934767 Email Address: ( western.union886@yahoo.dk ) Please remenber to Call and ask him to give you the mtcn, sender name, question and answer to pick you to $7,000.00. Also you should send to him your informations. : Your receiver name: ::::::::::: Your full name: ::::::::::::: Your address: Your country!: .:::::::::::::::: Your direct phone number:: :::::: Text question and answer:::::::: Thanks Mr don alex AM Barr Gloriah Ennemariah, FROM DIAMOND BANK western union Department.

Email analysis :

NOTE : western.union886@yahoo.dk
NOTE : sefeba@speedy.com.ar
NOTE : X-Origin : 41.86.234.162
NOTE : authenticated user sefeba!speedylm
NOTE : client-ip=98.142.233.70;

Hello

Hello Dear,
Good-Day!

I am in desperate need for your trust and cooperation in assisting the transfer of $32,000,000.00 (thirty two million US dollars); If interested in this offer, do send me a mail.

I look to relocate to your country to start a new live.

Best Regards,
MAna

Email analysis :

NOTE : mmmvd713@gmail.com
NOTE : nancy.marty@slh.wisc.edu
NOTE : Received : from user [(41.71.212.102)]

NOTE : by spam.zinwell.com.tw
NOTE : (envelope-from )

Barrister Nelson Edon,

Dear Friend, I am contacting you to assist in receiving a huge deposit of Twelve Million Five Hundred Thousand US Dollars left in the bank by my late client before Car accident which leads to his death. I want you to receive this fund before its get confiscated by the bank. I will give you the full details of this transaction once I hear from you. Contact me with this email address for more details (nelsonedon002@gmail.com) Barrister Nelson Edon,

Email analysis :

NOTE : nelsonedon002@gmail.com
NOTE : akpakugeorge@yahoo.com
NOTE : Received : from [98.138.87.4]

NOTE : akpakugeorge@yahoo.com
NOTE : nelsonedon002@gmail.com

Your unclaimed Bank Draft is ready for delivery. Please read

DHL COURIER SERVICE,
Unit 98, VAUXHALL BRIDGE ROAD, ML4 3NP,
London. UNITED KINGDOM.

Dear Customer!!!

This is to notify you, that your Unclaimed Bank Draft for the sum of ($3.500.000.00 Million Dollars) has finally been signed and approved for express delivery.

Please get back to us for more details on this delivery.

Sir, Chris Walker.
Information Officer.
DHL Courier Management Team,
All rights reserved. 2016.

Email analysis :

NOTE : SERVICE.@grace.ocn.ne.jp
NOTE : dhlheadoffice@lycos.com
NOTE : Received : from mzcstore422.ocn.ad.jp
NOTE : (mz-fcb422p.ocn.ad.jp [153.149.245.37])

NOTE : by vcwebmail.ocn.ad.jp
NOTE : X-Originating-Ip : [23.247.147.2]

Hello Good Day

Stop contacting them. Because Your fund Is Not with them

I am Mrs Betty Rawlings; A United States Citizen, 58 years old. I reside here in Perth Amboy NJ, My residential address is as follows 482 SAYRE AVE NO,2 PERTH AMBOY 08861 Apt 305, New Jersey, United States. I am thinking of relocating since I am now wealthy.Well I will have to let the cat out of the bag and let this great news known to you, I am one of those that took part in the Compensation awards in Benin Republic many years ago and they refused to pay me, I had spent over $80,000.00 of my life savings while in the USA trying to get my payment but all to no avail.

After all this series of criminal acts that happened to me, I decided to travel down to Benin Republic with all my compensation documents as I was directed to meet with one Barrister Mensah  Baah who happens to be a member of the Compensation Award Committee in Benin. I contacted him and he explained everything to me in detailed information’s, He said whoever is contacting us through emails, Phone or whichever means are fake.

Barr. Mensah  Baah took me to the paying bank for the claim of my compensation payment. With great joy in my heart right now I am the happiest woman on planet earth, I received my compensation funds of Five Million Five Hundred Thousand United State Dollars (US$5,500,000.00).

Moreover, Barr. Mensah  Baah showed me the full list and information’s of receivers that has been scheduled to receive their payments but are yet to receive it, While going through this list carefully I saw your email address and other information’s as one of the beneficiaries, for this reason I have decided to email you to stop dealing with those people, they are not in any way with your funds and won't stop taking money from you, these people are only stealing from you.Right now I will advise that you contact Barrister Mensah  Baah, You can contact him directly on this information below.

COMPENSATION AWARD HOUSE Benin,
NAME: Mensah  Baah
Please Copy His Email: mensahbaah@yeah.net

You really have to stop dealing with those people that are contacting you and telling you all sort of lies as your funds is not in anyways with them. They are only taking advantage of you and they will not stop until you have nothing just like they did to me in the past, The only money I paid after I met Barrister Mensah  Baah is just $108 for the paper works, take note of that.

(NOTE: TELLING YOU TO PAY FOR ANY DELIVERY OR COURIER CHARGE IS ALL NOTHING BUT LIES, I REPEAT THE ONLY MONEY YOU WILL HAVE TO PAY AND WHICH I ALSO PAID IS $108 FOR THE ADMINISTRATIVE/ ENDORSEMENT CHARGE AS IMPOSED BY THE GOVERNMENT AND YOUR PACKAGE CONTAINING YOUR CERTIFIED BANK DRAFT CHEQUE WILL BE REACHING YOU THROUGH THE REGULAR MAIL SERVICE.)

Once again I urge you to stop contacting those people for your own good, I will advise you to contact Barr. Mensah  Baah so that he will help and give you guideline until your funds is delivered to you. Instead of dealing with those people that will be turning you around and asking for different kind of upfront money to complete your transaction, I will advise that you contact only Barr. Mensah  Baah.
Thank You and Remain Blessed.

Mrs Betty Rawlings

Email analysis :

NOTE : mensahbaah@yeah.net
NOTE : andre@tramandai.rs.gov.br
NOTE : User-Agent : Roundcube Webmail/1.0.1
NOTE : X-Php-Originating-Script : 1711:rcube.php
NOTE : Received : by pmt.tramandai.rs.gov.br (Postfix, from userid 33)
NOTE : Received : from pmt.tramandai.rs.gov.br (pmt.tramandai.rs.gov.br. [186.232.55.210])

NOTE : Prefeitura Municipal de Tramandaí was used to relay this scam, with account andre

Contact Mr.Shegun Akintomi(Skye bank ATM director)

Attention please!!!

We were authorized by the President, Federal Republic of Benin and the Governing Board of Central Bank to investigate the unnecessary delay of your payment,to also recommend and approve your claims for payment if the report of the unclaimed contract/inheritance funds is genuine. However, we discovered that your funds has been unnecessarily delayed by corrupt officials of some banks.

We have agreed with the authority that we will handle this payment ourselves to avoid the hopeless situation created by those officials. Currently your Inheritance/Contract fund of $7.5Million has been credited in ATM card.Contact Mr.Shegun Akintomi(Skye bank ATM director)with your details including phone lines for immediate delivery.

Contact Name: Mr.Shegun Akintomi
Email: atm78410@gmail.com
office line:+22999944906

Signed,
management of Skye Bank Plc.

Email analysis :

NOTE : yahagi@tunekawa.co.jp
NOTE : atm78410@gmail.com
NOTE : X-Mailer : Web de Mail, 1.0.0
NOTE : client-ip=216.230.254.50;

TR : !mp0rtant a L!RE.

bien aiméε‏

Excusεz-møi de vous contactεz de cette manièrε car nøus nε nous connaissøns pas.

En bref je me nommε LAURENT BOUDIER d'origine Françaisε et je vis à Londres. Je souffrε d'unε gravε maladiε et j'aimεrais vous faire une prøpøsition qui pourrait vous intéressεr.Il s'agit d'un døn d'une somme de850 000 de euro.

Vous trouverεz sur le documεnt en fichiεr joint plus de rensεignement concernant mon døn je vous prie de la lire lεttre en fichier jøint. Ceci n’étant pas un spam ni virus.

Pour avoir plus de rensεignement concernant cette dønatiøn je vous prie de me Contactεz moi a cette adrεssε. Ceci n’étant pas un spam ni virus :

Conctεz moi a cette adrεssε:

Mail!: laurent.boudier@outlook.com***laurent.boudier@outlook.com

T

Recevez encore une fois de mes salutations les plus distingués .

Cordialement

Monsieur Boudier

256931569426655689465(1).pdf

Email analysis :

NOTE : janujz5@orange.fr
NOTE : claouenan@cazes-goddyn.com
NOTE : clean@orange.com
NOTE : laurent.boudier@outlook.com
NOTE : X-Me-Ip : 86.206.187.80

Samantha Gann sent you "Scan001.zip"

Samantha Gann a file with you on Dropbox

The updated agreement with AlixPartners

Scan001.zip

Download

© 2016 Dropbox

Email screenshot :

Email analysis :

NOTE : no-reply@dropbox.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : Received : from unknown (HELO NNZCABJO) (1.47.202.181)

NOTE : Samantha Gann sent you "Scan001.zip"

File analysis :

CLICK : DOWNLOAD
OPEN : https://www.cubbyusercontent.com/pl/Scan001.zip/_6ec59f8ef081469e9dba0d304a99cb9d
FILENAME : Scan001.zip
RESULT : File is a virus.

Virus analysis :

SHA256: e68dfb45eb15d675073486679ac94cac1788ea5c54a3e39cb9cddddaf73a179e
FILENAME : Scan001.zip
AVG : Downloader.Generic_c.ALTL
Ad-Aware : Trojan.GenericKD.3298975
AegisLab : Exploit.Script.Generic!c
Arcabit : Trojan.Generic.D32569F
Avast : Other:Malware-gen [Trj]
Avira (no cloud) : HEUR/Suspar.Gen
BitDefender : Trojan.GenericKD.3298975
DrWeb : JS.DownLoader.1225
ESET-NOD32 : JS/TrojanDownloader.Nemucod.ADU
Emsisoft : Trojan.GenericKD.3298975 (B)
F-Secure : Trojan.GenericKD.3298975
Fortinet : JS/Nemucod.ET!tr.dldr
GData : Trojan.GenericKD.3298975
Ikarus : JS.Trojan-Downloader.Rogue
K7AntiVirus : Trojan ( 004dfe6d1 )
K7GW : Trojan ( 004dfe6d1 )
Kaspersky : HEUR:Exploit.Script.Generic
McAfee : Generic.yd
McAfee-GW-Edition : Generic.yd
eScan : Trojan.GenericKD.3298975
Microsoft : TrojanDownloader:JS/Nemucod.AT
Rising : Exploit.Generic!8.3E1-aXLPd6nZxPO (Cloud)
TrendMicro : JS_NEMUCOD.QDA
TrendMicro-HouseCall : JS_NEMUCOD.QDA