Thursday, November 24, 2016

bill 73726332

See you in court !!!

Subpoena for

Matthew Riley

Link analysis :

CLICK : Subpoena for
OPEN : http://techsmart.vn/backup/get.php?id=d2VibWFzdGVyQHJiY2FmZS5jb20=
RESULT : 404 Error...

Email analysis :

NOTE : matthew@trattnerlaw.com
NOTE : Received : from unknown (HELO trattnerlaw.com) (190.108.92.109)

Cash Grant

Hello.

I'm Raymond Scott Bells, My wife and I won $50-million Lotto Max cheque,in Edmonton,we have decided to donate to the less privileged and charity projects all over the world, and make at least 5 people millionaires.

To verify, please see our interview by visiting the web page below.

http://www.ctvnews.ca/canada/after-life-of-struggle-alberta-truck-driver-wife-win-50m-lotto-prize-1.2526163

Get back to me with your name,address,Gender,Country and phone number for more details on how you can receive

your Cash Grant.

Here is my personal email raymondsbells@yandex.com contact me as soon as possible.

Stay Bless

Mr Raymond Scott Bells

Email analysis :

NOTE : raymondsbells@yandex.com
NOTE : maggib@btnet.is
NOTE : client-ip=5.23.79.39;

Tuesday, November 22, 2016

Maerskline Shipping BL (Phishing + Virus)

FYI

Please see attached shipping documents.

1 attachment(s)
Download | View

Best Regards

MAERSK LINE
One Commercial Place, 20th Floor
Norfolk, VA 23510
Phone: 757-857-4800
Fax: 757-852-3232
© Maersk Group.

Virus :

CLICK : DOWNLOAD
OPEN : http://original-documents.alkhalifa.pw/document/FAX_001.zip
RESULT : UNRESPONSIVE

Phishing analysis :

CLICK : View
OPEN : http://eretailday.org/img/shippingdoc/index.html
SCREENSHOT :


VALIDATE : FORM
REDIRECT : https://my.maerskline.com/?_nfpb=true&_pageLabel=page_tracking3_trackSimple

Email analysis :

NOTE : logistics@maerskline.com
NOTE : Received : from unknown (HELO ?192.168.2.254?)
NOTE : (198.72.31.234)

XMAS LOAN OFFER

2% LOAN OFFER APPLY NOW *

You lose sleep at night care how to get a loan?
* Are you looking for a loan to pay the debt?
* Are you looking for a loan to start your own business?
* Are you looking for loans to large projects perform?

CONTACT US TODAY...FAST LOAN INVESTMENT.......forward your reply here :
firstonlineloaninvesment@gmail.com

Fill out the for m to your loan application:

Name:
Country:
Amount Of Loan Needed:
Occupation:
Monthly Income:
Phone:
Length oF The Loan (years):

Note: All mail must be sent to: firstonlineloaninvesment@gmail.com

I hope to live your financial expectations.

Thank You.
2016 FIRST LOAN Co-operation

Email analysis :

NOTE : firstonlineloaninvesment@gmail.com
NOTE : plan_follow@scmt.gov.iq
NOTE : Received : from [41.113.85.128] (port=48514 helo=[172.20.10.5])
NOTE : by alsco.cloudscis.com with esmtpa (Exim 4.87)
NOTE : (envelope-from < plan_follow@scmt.gov.iq >)
NOTE : alsco.cloudscis.com : authenticated_id: plan_follow@scmt.gov.iq

Your LogMein.com subscription has expired! (Virus)

Dear client,

You are receiving this message because your subscription for LogMeIn Central has expired.
We were not able to charge you with the due amount because your credit card was declined.

You can download the bill directly from the LogMeIn website:
https://accounts.logme.in/billing.aspx?clusterid=0724&view_bill_id=3716 4647&file_type=doc

Please use another credit card or payment method in order to avoid complete service interruption.

Event type: Credit Card Declined
Account email: *.*
At: 21/11/2016

If you need more help, visit LogMeIn Support at:
http://solutions.logmein. com/SalesContactUs

Important Security Notice:
LogMeIn will never for your password or other sensitive information by email.

(Please don't reply to this email, as it's sent from an address that's not monitored.)

© LogMeIn Inc

Virus analysis :

CLICK : https://accounts.logme.in/billing.aspx?clusterid=0724&view_bill_id=3716 4647&file_type=doc
OPEN : https://reg.vn/en/view_bill.php?id=d2VibWFzdGVyQHJiY2FmZS5jb20=
DOWNLOAD : lgm_bill89831.doc
lgm_bill89831.doc : VIRUS


lgm_bill89831.doc analysis :

SHA256 : fc1f1845e47d4494a02407c524eb0e94b6484045adb783e90406367ae20a83ac
FILE : lgm_bill89831.doc
ALYac : Trojan.Downloader.W97M.Gen
Ad-Aware : W97M.Downloader.ESE
AegisLab : Troj.Downloader.Msword.Agent!c
Arcabit : W97M.Downloader.ESE
BitDefender : W97M.Downloader.ESE
Cyren : W97M/Nastjencro
ESET-NOD32 : VBA/Kryptik.T
Emsisoft : W97M.Downloader.ESE (B)
F-Prot : New or modified W97M/Nastjencro
F-Secure : Trojan:W97M/Nastjencro.A
GData : W97M.Downloader.ESE
Ikarus : Trojan-Downloader.VBA.Agent 20161121
Kaspersky : Trojan-Downloader.MSWord.Agent.auz
McAfee : W97M/Dropper.cu
McAfee-GW-Edition : W97M/Dropper.cu
eScan : W97M.Downloader.ESE
Microsoft : TrojanDownloader:O97M/Donoff!map
Sophos : Troj/DocDl-FQK
Symantec : W97M.Downloader
Tencent : Win32.Trojan.Inject.Auto
TrendMicro : W2KM_HANCITOR.AUSTT
TrendMicro-HouseCall : W2KM_HANCITOR.AUSTT

Email analysis :

NOTE : billing@secure-lgm.com
NOTE : Received : from wsip-70-165-74-172.hr.hr.cox.net
NOTE : (HELO secure-lgm.com) (70.165.74.172)