Thursday, May 4, 2017

I wait to read from you

Greetings,

I represent an investment interest that is interested in investing abroad, a large volume of resources, we are seeking your participation as an overseas representatives to treat the investment in your country. If interested, please contact me by writing back.( )

Thank you very much

Email analysis :

NOTE : vb00149@surrey.ac.uk
NOTE : v.bokinala@surrey.ac.uk
NOTE : 19investment@gmail.com
NOTE : client-ip=195.245.231.133;

Messagelabs

Received : from [85.158.136.51] by server-6.bemta-5.messagelabs.com

85.158.136.51

NOTE : Received : from 178.33.210.30 (131.227.131.245)

Scam from 131.227.131.245

NOTE : by EXHT021P.surrey.ac.uk (131.227.200.35)

Scam from 131.227.200.35

NOTE : with Microsoft SMTP Server (TLS) id 8.3.485.1;
NOTE : EXHT021P.surrey.ac.uk
NOTE : www.surrey.ac.uk

@UniOfSurrey servers were used to relay this scam

NOTE : The @UniOfSurrey servers were used to relay a scam.
NOTE : The email of #vivek_bokinala was used to relay this #scam

_ C O N G R A T U L A T I O N S _

WESTERN UNION ASIA

[HEAD OFFICE] - KUALA LUMPUR, MALAYSIA

" WESTERN UNION GRANT 2017 "

YOUR EMAIL WAS SELECTED AND HAVE BEEN AWARDED THE SUM OF $500,000.00 USD. YOU WILL BE ISSUED A WESTERN UNION NETSPEND MASTERCARD CREDITED WITH $500,000.00 USD

NOTE: The Delivery Of Your WESTERN UNION NETSPEND MASTERCARD To Your HOME is FREE !

Your Reference No: WU/WUA2017/BBKMY

For More Information , Please Contact -

Western Union Agent: MELISSA BINTI MUBARAK
Contact E-mail: westernunion.melissamubarak@gmail.com
Office Telephone: +60165781566

CONGRATULATION ONCE AGAIN FROM WESTERN UNION © [ ASIA ].

Email analysis :

NOTE : wu.asia2017@gmail.com
NOTE : westernunion.melissamubarak@gmail.com
NOTE : info@viniwee.com
NOTE : Received : from User (unknown [51.15.147.28])


NOTE : by host.viniwee.com

Thursday, April 27, 2017

Assalamualaikum

Greeting !

How are you? My name is Kayla Morni Mohd, a Citizen of Syria lived in Aleppo- Syria., I'm one of the former senior inspector for Syria National Petroleum Company(Kawkab Oil Company). I have Business investment transaction worth $8.2 Million. I will like to relocate out from Syria, Because here in Syria is serious war here. I wait to hear from you as soon as you see this message

regards,

Kayla Morni Mohd

Email analysis :

NOTE : morie8@bigpond.com
NOTE : X-Originating-Ip : [46.23.66.106]

Crédit Mutuel de Bretagne

Bonjour,

Nous tenons de vous informer que vous avez un nouveau message.
Pour consulter votre boite de messagerie cliquez sur le lien ci-dessous :

Consulter la boite de messagerie

Cordialement,
Laurent Biojoux,
Directeur de la Relation Clients

Crédit Mutuel de Bretagne

Veuillez ne pas répondre à cet email car les messages reçus à cette adresse ne sont pas lus. Pour
nous contacter, connectez-vous à votre compte et cliquez sur Contact en bas de n'importe quelle page.

Email analysis :

NOTE : tracey.lahey@sympatico.ca
NOTE : cmb@contact.com
NOTE : Cmm-Sending-Ip : 184.150.200.79

Phishing was sent via this ip : 184.150.200.79

Phishing analysis :

CLICK : Consulter la boite de messagerie
OPEN : https://tinyurl.com/k96mlop

tinyurl hosted a redirect to a phishing

AUTOMATIC USPS statement: your package has been postponed

This is an automatic message: you are obliged to read this letter to accept
the order.
Please, use the link seen down below to contact the USPS support team.

http://www.stbishoy.org/wp-content/b4d47c6405.html

Thanks and best regards.
Takeisha Wernecke - USPS Senior Station Manager.

Email analysis :

NOTE : wo56816421@occhristian.pvt.k12.ia.us
NOTE : USPS Priority
NOTE : Received : from occhristian.pvt.k12.ia.us (unknown [186.151.239.161])
NOTE : User-Agent : Opera Mail/10.62 (Win32)
NOTE : 186.151.239.161


Phishing analysis :

CLICK : http://www.stbishoy.org/wp-content/b4d47c6405.html
OPEN : http://www.stbishoy.org/wp-content/b4d47c6405.html
REDIRECT : http://servisedelivery.com/bot14/lgen.php
RESULT : Phishing is unresponsive...

Stbishoy.org analysis :

Registrant Email: stbishoy.org@proxy.dreamhost.com
Updated Date: 2016-11-01T18:00:21
Creation Date: 2009-08-02T04:33:23
Registry Expiry Date: 2017-08-02T04:33:23

Servisedelivery.com analysis :

Updated Date: 2017-04-24T17:04:10
Creation Date: 2017-04-24T00:00:00
Registrar Registration Expiration Date: 2018-04-24T00:00:00
Registrar Abuse Contact Email: abuse@bizcn.com
Registrant Name: Wuxi Yilian LLC
Registrant Organization: Wuxi Yilian LLC
Registrant Street: No.1001 Anling Road
Registrant City: Xiamen
Registrant State/Province: Fujian
Registrant Postal Code: 361008
Registrant Country: cn
Registrant Phone: +86.5922577888
Registrant Fax: +86.5922179606
Registrant Email: whoisprivacyprotect@whoisservices.cn