Dear Chase Online(SM) Customer,
As part of our commitment to help keep your account secure, we have detected an irregular activity on your account and we are placing a hold on your account for your protection. Please click on the following link and follow the instructions for proper verification.
CLICK HERE
NB: If this important message seems to be spam/junk please move to inbox to enable you click on the link above, We are here to assist you anytime. Your account security is our priority. Thank you for choosing Chase.
Sincerely,
Chase Fraud Department
Copyright © 2016 Chase Online. All rights reserved
JPMorgan Chase & Co.
Email analysis :
NOTE : info@onlinebanking.com
NOTE : bblazzard@lusd.k12.ca.us
NOTE : Received : from onlinebanking.com (unknown [68.65.134.234])
Phishing analysis :
CLICK : CLICK HERE
OPEN : http://mobwarsdoa.com/banking/chaseonline/Logon.php?LOB=RBGLogon&_pageLabel=page_logonform
Saturday, February 4, 2017
Viet Xuan Luong (Scam)
I am Viet Xuan Luong. I am an American soldier presently on active service with 4th Squadron battalion here in Afghanistan. I served with the third Infantry Division in Iraq before thousand of my lucky colleagues were pulled out in August Last year, leaving me among the unlucky ones drafted to Afghanistan where I am serving presently. Am seeking your urgent help, please get back to me via email and I will tell you more about it thank you and God bless you.
Respectfully submitted.
Viet Xuan Luong
Email analysis :
NOTE : vietxuanluong6@gmail.com
NOTE : janainamaiara@unifap.br
NOTE : X-Originating-Ip : [105.112.42.159]
Respectfully submitted.
Viet Xuan Luong
Email analysis :
NOTE : vietxuanluong6@gmail.com
NOTE : janainamaiara@unifap.br
NOTE : X-Originating-Ip : [105.112.42.159]
Thursday, February 2, 2017
Service client : Sécuriser votrᥱ Cybᥱrplus ! (Phishing Banque Populaire)
Bonjour
Le département technique procède à une mise à jour de logiciel programmée de
façon à améliorer la qualité de nos services . Nous vous demandons avec
bienveillance de sécuriser votre Cyberplus .
21-01-2017 : Régulation de votre dossier en linge.
Nous vous remercions de votre confiance.
Cordialement
Conseil Clientèle.
Email analysis :
NOTE : noreply@nej.fr
Received : from 184.164.74.221
Phishing analysis :NOTE :
CLICK : http://opticaguadalquivir.es/puce
REDIRECT : http://www.tailors-hostel.com/gestion/txt/-/ilon/resf/Pages/
SCREENSHOT :
Le département technique procède à une mise à jour de logiciel programmée de
façon à améliorer la qualité de nos services . Nous vous demandons avec
bienveillance de sécuriser votre Cyberplus .
21-01-2017 : Régulation de votre dossier en linge.
Nous vous remercions de votre confiance.
Cordialement
Conseil Clientèle.
Email analysis :
NOTE : noreply@nej.fr
Received : from 184.164.74.221
Phishing analysis :NOTE :
CLICK : http://opticaguadalquivir.es/puce
REDIRECT : http://www.tailors-hostel.com/gestion/txt/-/ilon/resf/Pages/
SCREENSHOT :
Microsoft account termination request in progress. (Microsoft Phishing, Swisscom Phishing, Directory listing)
Microsoft Security info
We received a message from you requesting for your account termination, please ignore this message if the request was from you. Your account would be deleted from our system in the next 24 hours.
(Note: All mails in your inbox, spam, draft, and sent items would be terminated, and access to your account would be denied.)
Click on cancel request if the message wasn't from you.
CANCEL REQUEST
Cancel the termination request to keep enjoying Microsoft!
Thanks,
The Microsoft account team.
Safety Certification Copyright © 2017 Microsoft
Phishing analysis :
SCREENSHOT :
CLICK : http://ow.ly/***
RESULT : A BASE64 is loaded in the url bar.
RESULT : data:text/html;base64,
SCREENSHOT :
RESULT : Microsoft phishing
CODE SOURCE ANALYSIS : form action="http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/result.php
NOTE : Another wordpress website hacked...
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/
RESULT : Repository of phishing.
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/bluewin
RESULT : Swisscom Phishing
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/
RESULT : Microsoft phishing
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/viko/
RESULT : Microsoft phishing
We received a message from you requesting for your account termination, please ignore this message if the request was from you. Your account would be deleted from our system in the next 24 hours.
(Note: All mails in your inbox, spam, draft, and sent items would be terminated, and access to your account would be denied.)
Click on cancel request if the message wasn't from you.
CANCEL REQUEST
Cancel the termination request to keep enjoying Microsoft!
Thanks,
The Microsoft account team.
Safety Certification Copyright © 2017 Microsoft
Phishing analysis :
SCREENSHOT :
CLICK : http://ow.ly/***
RESULT : A BASE64 is loaded in the url bar.
RESULT : data:text/html;base64,
SCREENSHOT :
RESULT : Microsoft phishing
CODE SOURCE ANALYSIS : form action="http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/result.php
NOTE : Another wordpress website hacked...
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/
RESULT : Repository of phishing.
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/bluewin
RESULT : Swisscom Phishing
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/
RESULT : Microsoft phishing
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/viko/
RESULT : Microsoft phishing
Mr.David Kamau
I am the final signatory to all foreign transfers of huge funds moving within banks both the local and international levels in line to foreign contracts settlement. I have before me the list of foreign contract payment files, which are due to be transferred to their nominated accounts. Meanwhile, we identified some of these accounts to be ghost accounts, unclaimed deposits and over invoiced sum etc. I wish to have a deal with you as regards to the unpaid fund. I have a file before me and hope the date's are correct and UN-tampered. As it is my duty to recommend the transfer of these surplus fund to the Federal Government Treasury and Reserve Accounts as unclaimed deposit. I have the opportunity to write you based on the instruction I received two days ago from the senate committee on contract payment/foreign debts to submit the list of payment reports expenditures and audited reports of revenues. Among several others, I have decided to remit the total sum of USD15.2 million following Mr.David Kamau.
Email analysis :
NOTE : mr.davidkamau1@yahoo.com
NOTE : mrdavidkamau1@gmail.com
NOTE : X-Rocketymmf : bsobeab
NOTE : Received : from [41.86.234.171]
NOTE : by web101604.mail.kks.yahoo.co.jp
Email analysis :
NOTE : mr.davidkamau1@yahoo.com
NOTE : mrdavidkamau1@gmail.com
NOTE : X-Rocketymmf : bsobeab
NOTE : Received : from [41.86.234.171]
NOTE : by web101604.mail.kks.yahoo.co.jp
Subscribe to:
Posts (Atom)