Monday, June 27, 2016

You have a message (Phishing CIC)

CIC

Dear Customer,

During your last purchase, you were notified by a message informing you of the obligation to subscribe to the new regulations concerning reliability for online card purchases and of the implementation of a block on your future purchases. However, as of today we have no record of your enrollment, and we regret to inform you that you can no longer use your card on the internet.

Enrollment: by clicking here

Thank you for the trust you place in us.

Regards,

Board of Directors

Email screenshot :


Email analysis :

NOTE : Content-Type : text/html; charset=iso-8859-1
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < iidheldo@meo.fr >
NOTE : Received : from meo.fr ([84.39.48.4])
NOTE : Received : by meo.fr (Postfix, from userid 33)
NOTE : X-Php-Originating-Script : 0:LKJDKJFD.php
NOTE : vous avez un message

Phishing Analysis :

CLICK : Adhésion : cIiquant ici ("Enrollment: by clicking here")
OPEN : http://jupiterapparel.com/slk
REDIRECT : http://aidyourlifestyle.com/cgi-sys/suspendedpage.cgi
RESULT : Phishing attempt

Domain analysis :

Domain Name:aidyourlifestyle.com
Registrant Name:Zhern Je Lee
Registrant Country:my
Registrant Phone:+601.0000000
Registrant Email:leezhernje@gmail.com
Admin Name:Zhern Je Lee
Admin Email:leezhernje@gmail.com
Tech Name:Zhern Je Lee
Tech Email:leezhernje@gmail.com
Name Server:NS1011.NEWIPDNS.COM
Name Server:NS1012.NEWIPDNS.COM
====================================
Domain Name: jupiterapparel.com
Registrant Name: Jupiter Apparel
Registrant Organization: Jupiter Apparel
Registrant Street: A - 31, Ram Nagar, Om Vihar
Registrant City: New Delhi
Registrant State/Province: Delhi
Registrant Postal Code: 110059
Registrant Country: IN
Registrant Phone: +91.25334910
Registrant Fax: +91.25331259
Registrant Email: anshul@gsspl.com
Admin Name: Jupiter Apparel
Admin Organization: Jupiter Apparel
Admin Street: A - 31, Ram Nagar, Om Vihar
Admin City: New Delhi
Admin State/Province: Delhi
Admin Postal Code: 110059
Admin Country: IN
Admin Phone: +91.25334910
Admin Fax: +91.25331259
Admin Email: anshul@gsspl.com
Tech Name: Jupiter Apparel
Tech Organization: Jupiter Apparel
Tech Street: A - 31, Ram Nagar, Om Vihar
Tech City: New Delhi
Tech State/Province: Delhi
Tech Postal Code: 110059
Tech Country: IN
Tech Phone: +91.25334910
Tech Fax: +91.25331259
Tech Email: anshul@gsspl.com
Name Server: ns63.domaincontrol.com
Name Server: ns64.domaincontrol.com

Settle your situation (Phishing Boursorama)

Hello,

Following the double payment of an invoice by mistake on your account, please complete your refund form. To view it, please click on the link below:

Settle your situation

Thank you for your trust.

This email was sent to you by an automated message system. The sending address is not a regular email address. If you write to this address, your message will not be taken into account.

Sboursorama| Cl to view the online version

Email screenshot :


Email analysis :

NOTE : X-Php-Originating-Script : 0:lc.php
NOTE : www-data@zankyou.fr
NOTE : aa@zankyou.fr
NOTE : Received : by zankyou.fr (Postfix, from userid 33)
NOTE : Received : from zankyou.fr ([185.107.213.201])

Phishing analysis :

CLICK : Régler votre situation ("Settle your situation")
OPEN : http://inter-mask.com/br.php
REDIRECT : http://inter-mask.com/cgi-sys/suspendedpage.cgi
RESULT : Phishing attempt.

Domain analysis :

Domain Name: inter-mask.com
Registrant Name: Gulshan Nadeem
Registrant Organization: AQC
Registrant Street: Pacca Garah
Registrant City: Sialkot
Registrant State/Province: Punjab
Registrant Postal Code: 51310
Registrant Country: PK
Registrant Phone: +92.3006146147
Registrant Fax: +92.3006146147
Registrant Email: gnadeem786@gmail.com
Admin Name: Gulshan Nadeem
Admin Organization: AQC
Admin Street: Pacca Garah
Admin City: Sialkot
Admin State/Province: Punjab
Admin Postal Code: 51310
Admin Country: PK
Admin Phone: +92.3006146147
Admin Phone Ext:
Admin Fax: +92.3006146147
Admin Email: gnadeem786@gmail.com
Tech Name: Gulshan Nadeem
Tech Organization: AQC
Tech Street: Pacca Garah
Tech City: Sialkot
Tech State/Province: Punjab
Tech Postal Code: 51310
Tech Country: PK
Tech Phone: +92.3006146147
Tech Phone Ext:
Tech Fax: +92.3006146147
Tech Email: gnadeem786@gmail.com
Name Server: ns1.vnameu.net
Name Server: ns2.vnameu.net

24-06-2016 -- Invoice no. 11-543167929 (Phishing Free)

Free Mobile

Dear Freenaute,

You are subscribed to the Free Haut Débit plan.

In accordance with invoice no. 11-543167929 issued on 10 Jun 2016, we issued a direct debit request to your bank.

It appears that this direct debit was refused by your bank for the following reason: "No funds or insufficient funds (20)"

In order to settle your situation with our services as quickly as possible, please send us your payment:

- by cheque, made payable to Free Haut Débit (please do not forget to write the telephone number of the line concerned on the back of the cheque), to the following address: Free Haut Débit 75371 PARIS CEDEX 08

- or by bank card, directly online at the following address:

http://www.free,fr/login/compte/facture_n11-553167929/

Convinced that this is only an isolated incident, we ask you to settle your situation as soon as possible in order to avoid the opening of a debt recovery procedure following the non-payment.

You can view your invoices online at any time at http://www.free.fr/

The Free Haut Débit team.

FAQ : http://www.free.fr/faq/

Email screenshot :


Email analysis :

NOTE : freemobilesupport@ovh.com
NOTE : Mime-Version : 1.0
NOTE : X-Sid-Pra : freemobilesupport@ovh.com
NOTE : Authentication-Results : hotmail.com; spf=neutral (sender IP is 212.227.17.10)
NOTE : Received : from serv567468 ([13.69.255.41]) by mrelayeu.kundenserver.de (mreue103)

Phishing analysis :

CLICK : http://www.free,fr/login/compte/facture_n11-553167929/
OPEN : http://www.iab.una.py/images/imagenes/r13/r3.html
REDIRECT : https://gator2011.hostgator.com/~contacte/espace.mobile.free.fr.moncompte/login/*/
REDIRECT : https://gator2011.hostgator.com/~contacte/espace.mobile.free.fr.moncompte/login/*/moncompte/index.php?clientid=*&default=*
SCREENSHOT :
CLICK : Se connecter ("Log in")
CLICK : Ajouter ma carte bancaire ("Add my bank card")
CLICK : Confirmer ma carte bancaire ("Confirm my bank card")
REDIRECT : https://gator2011.hostgator.com/~contacte/espace.mobile.free.fr.moncompte/login/*/moncompte/send.php
SCREENSHOT :
REDIRECT : http://portail.free.fr/

The crisis has finished! Work with us!

Hello!

We are looking for employees working remotely.

My name is Lynette, I am the personnel manager of a large international company. Most of the work you can do from home, that is, at a distance. Salary is $2500-$5000. If you are interested in this offer, please visit Our Site

Best regards!

Email analysis :

NOTE : Received : from adsl.viettel.vn (unknown [115.79.167.71])
NOTE : client-ip=115.79.167.71;
NOTE : User-Agent : Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
NOTE : vr6.mail.ovh.net [149.202.197.43]

Attn: Consignment Box Owner.

Attn: Consignment Box Owner.

Sorry for this unexpected message to you. I am Richard Paul, a Security Manager at the Dayton International Airport, Dayton Ohio, USA. During a recent routine check at all Security/Storage Units at the airport, I discovered an abandoned shipment in your name coming from Nigeria which was on Transit to your city but was intercepted by the Dayton International Airport Security for lack of proper clearance papers as the consignment was scanned and discovered to contain valuable cash between US$4.5Million US Dollars in estimation that was not properly declared to the authorities since the tags on the consignment showed the item contains Personal Belongings/ Family Treasures which is not in regulations to the delivery requirements by The Transportation Security Administration (TSA) so in this regards, the consignment was placed on hold until proper clearances are provided by a reliable Government source. The details on the consignment are tagged as:

Type: SUITCASE
Wheels: 4 wheels
Handles: Trolley handle with top & side handles
Approximate Dimensions: Height: 3.20 ft, Width: 2.50 ft, Depth: 1.90 ft.
Weight: 180lbs.

However, be informed that the reason I have taken it upon myself as a Security Manager at the Dayton International Airport to contact you personally about this abandoned shipment is because I am a GOD fearing man and I would not want you to lose your consignment box since the box has not yet been returned to the United States Treasury Department for further inspection after being abandoned by the shipper so immediately the confirmation is made, I will go ahead with all negotiations with the airport authorities for the release of the consignment box to me as your representative so I can arrange for the delivery to your city since the encoded Tag on the Bill of entry for the consignment was declared as personal effect so the reconciliation of Correct Manifest information as Valuable cash in the new Bill of entry is needed before the release can be implemented.

Lastly, to enable me confirm if you are the actual recipient of this consignment Box, I will advise you get back to me as quick as possible and re-confirm your address so that I can be sure that the box is going to the rightful owner, also list the closest airport to you to enable me cross check if it corresponds with the address on the official documents including the normalization of your Bill of Entry and arrange for the box to be moved out of this Airport to your address. Once we are through with this process.

Please confirm your information:

1.Full Names:
2.Home Address:
4.Country:
5.Your Cell Number/Home:

For confidentiality purposes, I will advise you to email my private email, for quick processing and response to you, kindly send and confirm your details to my private email account ( richarddppaul@gmail.com ) so we can act swiftly.

Regards,
Richard Paul
Security/Inspection Manager
Dayton International Airport
3600 Terminal Dr, Dayton, OH 45377, United States.

Email analysis :

NOTE : richarddppaul@gmail.com
NOTE : admin@wx163.cn
NOTE : Received : from [107.150.49.199];

Sunday, June 19, 2016

APPROVED BY UNITED NATIONS.

INTERNATIONAL FUNDS AUDIT UNIT
UNITED NATIONS LIAISON OFFICE NEW-YORK, USA
870 UNITED NATIONS PLAZA 20-A NEW YORK NY 10017
OUR REF: US/NF/UN/XX2016

FUND US1.5MILLION APPROVED BY UNITED NATIONS

Attn Beneficiary,

We write to inform you that Series of meetings have been held over the past 2 weeks with the Secretary General of the United Nations Organization, International Community Board and U.S.Department of State and Africa Union Organization this ended last week. During the meeting, this organization discovered that you have not received your funds due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund. The International Community Board Committee enhanced by the United Nations/ U.S.Department of State and Africa Union Organization have successfully passed a payment mandate release order to the Bank to clear all over due Contract funds, Lottery winnings and Inheritance funds owed to you and other individuals and organizations who have been found not to have received their funds. Note that your payment file submitted to the Bank in question is 1.5Million U.S Dollars. In order to know you are ready to receive your approved fund, you are strictly advised to furnish us with the below information for us to cross check in our payment file if it is correct, and after all verification, we will then direct you on how to contact the Bank for your fund payment to you.

1. Your Full Name:
2. Address:
3. Home/Cell Phone:
4. Age and Marital Status:
5. Occupation:
6. Any Identification like Int'l Passport/Driver License:

We are expecting your urgent response to this email to enable us monitor this payment effectively.

Yours faithfully

Mrs.Theresa Lewis

Assistance Secretary United Nation

Email analysis :

NOTE : lewistheresa@yandex.com
NOTE : qaz@opgufyigfhypooj.tk
NOTE : X-Originating-Ip : [109.74.203.116]