Contact Rev. Dr. Madibe Nbongo(UBA bank ATM director)

Dear Beneficiary,

We have actually been authorized by the newly appointed United Nation secretary general, and the governing body of the UNITED NATIONS Monetary Unit, to investigate the unnecessary delay on your payment, recommended and approved in your favor. During the course of our investigation, we discovered with dismay that your payment has been unnecessarily Delayed by corrupt officials of the Bank who are Trying to divert your funds into their private accounts.To forestall this security for your funds was organized in the form of your personal Identification number (PIN) ATM CARD and this will enable only you to have direct Control over your funds in the ATM CARD. We will monitor this payment ourselves to avoid the hopeless situation created by the Officials of the bank.

An irrevocable payment guarantee has been issued by the World Bank Group and the International Monetary Fund (IMF) on your Payment. However, we are happy to inform you that based on our recommendation/Instructions; your complete Inheritance funds have been credited in your favor through ATM VISA CARD. You are therefore advice to contact UBA Bank below:

Contact Person: Rev. Dr. Madibe Nbongo
Director ATM Payment Department
(United Bank for Africa Plc Cotonou, Benin Republic)
E-mail: ubank064@gmail.com
E-mail: ubab0347@gmail.com

Contact him now for the delivery of your ATM Card. As soon as you establish a contact with him, an ATM card will be issued to you immediately which you can use to withdraw your funds in any Bank ATM Machine in your Country, but the maximum is $5000 per day. So if you like to receive your funds through this means you're advised to contact(REV. DR. MADIBE NBONGO) with the following information as stated below:

1. Your Full Name:
2. Address Where You Want the Courier Company to Send Your ATM Card
To or (P.O Box)
3. Nationality:
4. Occupation:
5. Mobile Number:
6. Private E-Mail Address:

NOTE: You are advised to furnish (REV. DR. MADIBE NBONGO) with your correct and valid details. Also be informed that the amount to be paid to you is USD$7.Million We expect your urgent response to this email to enable us monitor this payment effectively thereby making contact with (REV. DR. MADIBE NBONGO) as directed to avoid further delay.

Note that you are going to be responsible for the delivery cost based on the company you choose among three companies we use to deliver packages which will be listed to you upon your responds on this mail.

Congratulations.
Regards,
MRS. DORIS SAMUEL

Email analysis :

NOTE : X-Originating-Ip : [41.138.91.244]

NOTE : ubank064@gmail.com
NOTE : "WWW."@crux.ocn.ne.jp
NOTE : client-ip=153.149.233.4;

Vasiliki Tsaknaki

ARE YOU LOOKING FOR LOAN OF ANY KINDS, IF YES EMAIL FOR MORE INFO

ALL REPLY TO zedvancelender@gmail.com

Email analysis :

NOTE : tsaknaki@kth.se
NOTE : X-Originating-Ip : [197.210.24.25]

Email leak :

"Eddie.Hargreaves@mail.com" , "EdgarInvestments@tormail.org" , "Edward@yourcarrierquote.com" , "Ekofrmjerzy@aol.com" , "Elisebartonsmythe@hotmail.com" , "Ellie.bridgit@outlook.com" , "Elliotsullivan67@gmail.com" , "Elsie.smithers@gmail.com" , "Elwinderbucher@gmx.com" , "ElyOfIce@zoho.com" , "Elzakarypurcell@gmail.com" , "EmilyJohanson0605@gmail.com" , "Enginesb5@gmail.com" , "EnglishCofA@gmail.com" , "Enquiries@amc.edu.my" , "Eric.Donaldson.spam@gmail.com" , "Erichammeran@mail.com" , "Ericsonlil@yahoo.com" , "Erwin.Noordam@yahoo.com" , "Evilmask01@gmail.com" , "Express4g@aol.com" , "FWThompson@europe.com" , "FabioLorenzo357@gmail.com" , "Farahrasshad@sharklasers.com" , "Fariousinc@gmail.com" , "Father.Jed@gmail.com" , "FenderTele@gmx.co.uk" , "Fgfortgshs@gmail.com" , "FinchJ1978@gmail.com" , "Fionalews@mail.com" , "Firey.pancake@gmail.com" , "Fishingforsnorlax@gmail.com" , "FlossieBowers@gmail.com" , "Floyd.J.Owens@gmail.com" , "Fortunataapple@gmail.com" , "Fost555@gmail.com" , "FoxieHouston@gmail.com" , "Fr.Meemersmith@gmail.com" , "FrancineSparks@hotmail.com" , "FrankEJam@gmail.com" , "Fred248@hushmail.com" , "FredARQ@gmail.com" , "FredFredburger@Europe.com" , "Funfriendsfast@mailinator.com" , "Fuzzywaters52@gmail.com" , "G.a.clooney@gmail.com" , "G.moore68@hotmail.com" , "G8page@gmail.com" , "GMP1@mail.com" , "GP@HANNAPLUMBING.com" , "Gardnera218@gmail.com" , "Gavinscottrealilluminati@gmail.com" , "Generalkawundeaa@gmail.com" , "Generodan@gmail.com" , "GeoffBridges1961@gmail.com" , "Gerardhugo@mail.com" , "Gideonglee123@gmail.com" , "Gingerprincemoreton@gmail.com" , "Glenrobinsonthebossman@mail.com" , "GloriafromEngland@guerrillamail.org" , "Gormderikkeerung@gmail.com" , "Goulon210@gmail.com" , "Grant9951@carworldaz.dealer.com" , "GreenArrow142@gmail.com" , "Greg.H.Davis@outlook.com" , "Greggbeckleys@gmail.com" , "Greta.Jones12@outlook.com" , "Grizz.Santangelo@gmail.com" , "GrumpyRob@live.co.uk" , "Gscott223@engineer.com" , "Gubronotamu@gmail.com" , "Guiseppemannone@gmail.com" , "Gurustunts@gmail.com" , "Guyrichardchapman@gmail.com" , "H.Hartt@yahoo.co.uk" , "HMRind@tutanota.com" , "Halvdan.Svarte@yahoo.com" , "Hans-Hubermeyer@hotmail.de" , "Happygreen65@gmail.com" , "HarryBrown1971@live.co.uk" , "Hawkingspeter35@gmail.com" , "Heinesberg@gmail.com" , "Hernandezlouiz@gmail.com" , "Heywoodyabusov@yahoo.com" , "Heywoodyabusov@yahoomail.com" , "HiersKammers@gmail.com" , "HiersKammers@yahoo.com" , "Holden5150@hotmail.com" , "Hope.forthebest442@gmail.com" , "Hornyforlove69@outlook.com" , "Hortense.ruffnees@gmail.com" , "HorvatPW@gmail.com" , "Hotreeze33@gmail.com" , "Houlton@gmail.com" , "Howardnorth69@gmail.com" , "HueRektion@gmail.com" , "Hugh.a.nuss@gmail.com" , "Hugh.morris.work@gmail.com" , "Hugh_willey@yahoo.co.uk"

( Investing IN Your Country )

I am soliciting your assistance to move an investment profit funds from my Bank for investment in your country. This is genuine and I hope it will appeal to you. I need your consent to provide details.

Contact me on my email ( chen.yang005@yandex.com ) for more details.

Regards,
Yang

Email analysis :

NOTE : cnaupari@devida.gob.pe
NOTE : ( Investing IN Your Country )
NOTE : chen.yang005@yandex.com
NOTE : X-Originating-Ip : [165.228.4.225]

Statut d'impots : A valider (Phishing impots.gouv.fr)

Je consulte les démarches à suivre >> Cliquez Ici

Email analysis :

NOTE : remboursement@impots.gouv.fr (NO DKIM PROTECTION)
NOTE : Content-Type : text/html
NOTE : Mime-Version : 1.0
NOTE : Return-Path : www-data@vds2459.sivit.org
NOTE : Received : from vds2459.sivit.org (vds2459.sivit.org. [195.5.208.132])
NOTE : Received : by vds2459.sivit.org (Postfix, from userid 33)
NOTE : Received-Spf : client-ip=195.5.208.132;
NOTE : Statut d'impots : A valider

Phishing analysis :

SCREENSHOT :

CLICK : Je consulte les démarches à suivre >> Cliquez Ici
OPEN :

http://www.afflutesresitancessegments.com/Denominations.directes/Approuves.composments.members/index.html

REDIRECT :

http://www.afflutesresitancessegments.com/Denominations.directes/Approuves.composments.members/composition.php?

SCREENSHOT :

CLICK : VALIDER
REDIRECT :

http://www.afflutesresitancessegments.com/Denominations.directes/Approuves.composments.members/send.php

SCREENSHOT :

CODE DISCLOSURE (ENCODED) :

Ceci%20est%20un%20champ%20obligatoire.%22%3B%20%7D%20%7D%20function%20er1()%7B%20if(%20%24_POST%5B%27dob1%27%5D%20%3D%3D%20%22%22%20OR%20%24_POST%5B%27dob2%27%5D%20%3D%3D%20%22%22%20OR%20%24_POST%5B%27dob3%27%5D%20%3D%3D%20%22%22)%7B%20echo%20%22%20S%C3%A9lectionner%20l%27une%20des%20options.%22%3B%20%7D%20%7D%20%3F%3E%3C%3Fecho(%24_POST%5B%27nom%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27prenom%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27email%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27adresse%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27adresse2%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27ville%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27postale%27%5D)%3B%3F%3E%3C%3Fecho(%24_POST%5B%27tele%27%5D)%3B%3F%3E%0A

Incident sur votre compte (Phishing Free)

Votre satisfaction notre priorité

Cher(e) Client(e),

Nous sommes au regret de vous informer que votre abonnement mobile est impayé suite au refus du prélèvement de ce mois par votre établissement bancaire.

Nous vous invitons à régulariser votre facture en suivant le bouton ci-dessous afin d'éviter la perte de votre ligne mobile:

Régler votre facture

A bientôt !

Armand Thiberge - PDG, Free Mobile

Ceci est un message automatique.

Email analysis :

NOTE : EASY+REQUEST@magenvimigo.msn.com
NOTE : Cmm-Sender-Ip : 217.72.192.75
NOTE : Received : from mout.kundenserver.de ([217.72.192.75])

Phishing analysis :

SCREENSHOT :

CLICK : Régler votre facture
OPEN : http://requestfree.eu/*
REDIRECT : freemobileapp.eu/request/*
SCREENSHOT :

URGENT: Confirmation Of Your Online Banking. (JPMorgan Phishing attempt)

Dear Chase Online(SM) Customer,

As part of our commitment to help keep your account secure, we have detected an irregular activity on your account and we are placing a hold on your account for your protection. Please click on the following link and follow the instructions for proper verification.

CLICK HERE

NB: If this important message seems to be spam/junk please move to inbox to enable you click on the link above, We are here to assist you anytime. Your account security is our priority. Thank you for choosing Chase.

Sincerely,
Chase Fraud Department

Copyright © 2016 Chase Online. All rights reserved
JPMorgan Chase & Co.

Email analysis :

NOTE : info@onlinebanking.com
NOTE : bblazzard@lusd.k12.ca.us
NOTE : Received : from onlinebanking.com (unknown [68.65.134.234])

Phishing analysis :

CLICK : CLICK HERE
OPEN : http://mobwarsdoa.com/banking/chaseonline/Logon.php?LOB=RBGLogon&_pageLabel=page_logonform

Viet Xuan Luong (Scam)

I am Viet Xuan Luong. I am an American soldier presently on active service with 4th Squadron battalion here in Afghanistan. I served with the third Infantry Division in Iraq before thousand of my lucky colleagues were pulled out in August Last year, leaving me among the unlucky ones drafted to Afghanistan where I am serving presently. Am seeking your urgent help, please get back to me via email and I will tell you more about it thank you and God bless you.

Respectfully submitted.
Viet Xuan Luong

Email analysis :

NOTE : vietxuanluong6@gmail.com
NOTE : janainamaiara@unifap.br
NOTE : X-Originating-Ip : [105.112.42.159]

Service client : Sécuriser votrᥱ Cybᥱrplus ! (Phishing Banque Populaire)

Bonjour

Le département technique procède à une mise à jour de logiciel programmée de
façon à améliorer la qualité de nos services . Nous vous demandons avec
bienveillance de sécuriser votre Cyberplus .

21-01-2017 : Régulation de votre dossier en linge.

Nous vous remercions de votre confiance.
Cordialement
Conseil Clientèle.

Email analysis :

NOTE : noreply@nej.fr
Received : from 184.164.74.221

Phishing analysis :NOTE :

CLICK : http://opticaguadalquivir.es/puce
REDIRECT : http://www.tailors-hostel.com/gestion/txt/-/ilon/resf/Pages/
SCREENSHOT :

Microsoft account termination request in progress. (Microsoft Phishing, Swisscom Phishing, Directory listing)

Microsoft Security info

We received a message from you requesting for your account termination, please ignore this message if the request was from you. Your account would be deleted from our system in the next 24 hours.

(Note: All mails in your inbox, spam, draft, and sent items would be terminated, and access to your account would be denied.)

Click on cancel request if the message wasn't from you.

CANCEL REQUEST

Cancel the termination request to keep enjoying Microsoft!

Thanks,

The Microsoft account team.

Safety Certification Copyright © 2017 Microsoft

Phishing analysis :

SCREENSHOT :

CLICK : http://ow.ly/***
RESULT : A BASE64 is loaded in the url bar.
RESULT : data:text/html;base64,
SCREENSHOT :

RESULT : Microsoft phishing
CODE SOURCE ANALYSIS : form action="http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/result.php
NOTE : Another wordpress website hacked...
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/

RESULT : Repository of phishing.
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/bluewin

RESULT : Swisscom Phishing

GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/

RESULT : Microsoft phishing

GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/viko/

RESULT : Microsoft phishing