Need mnoey?Eaarn 50.000 per moonth.

###MAKE MONEY ON1|NE###
===EAARN 50.000 PER MONNTH===
1.You need 0nly email to regisster
2.Fluly automattic sytsem!NOTHING TO DO...
3.@bs0lutely passvie inc0me
http://www.wildstonesolution.com/wp-content/plugins/wordpress-seo/vendor/xrstf/composer-php52/lib/5bc10d79da.html

The title of the scam can also be : Need mooney?Eran 50.000 per moonth. with a different content

###MAAKE MONNEY ONLLNE###
===EAARN 50.000 PER MONTH===
1.You neeed only emmail to reg|$ter
2.Fuliy automatic ssytem!NOTHING TO DO...
3.Absolute1y passive lnc0me
http://www.ieee-papers.com/wp-content/themes/twentyseventeen/2159b211e2.html

Email analysis :

NOTE : mhurdsj@excite.it
NOTE : gfgrimaud@tjb-barre.com
NOTE : 202.150.50.14

NOTE : 113.186.177.167

Phishing analysis :

CLICK : http://www.wildstonesolution.com/wp-content/plugins/wordpress-seo/vendor/xrstf/composer-php52/lib/5bc10d79da.html
Result : Redirect to Google, the phishing was removed...

CLICK : http://www.ieee-papers.com/wp-content/themes/twentyseventeen/2159b211e2.html
RESULT : Redirect to Google, the phishing was removed

NOTE : Two wordpress websites were compromised to do this phishing.

Update Your Account Information Now !! (PayPal Phishing Attempt)

PayPal

Warning : Account Issue !
Your account is limited untill you update your information because some one requested acces to your account, here is the infos :
Location : Russia
IP adress : 176.96.80.140
Navigator : Mozilla Firefox 48.0 on Windows
The restore the access to your account please click on the link below :

Update My Account

This is an email sent automatically. Please do not reply to this letter, because the e-mail address is only configured to send but not to receive e-mails.
Copyright © 2017 All rights reserved.

Phishing screenshot :

Email analysis :

NOTE : morag@g-p-t.co.uk
NOTE : Received : from RDT.spectra.local (unknown [80.229.37.167])

NOTE : by cust-smtp-auth2.fasthosts.net.uk (Postfix)
NOTE : client-ip=213.171.216.60;

Phishing analysis :

CLICK : Update my Account
OPEN : http://sadagatismayilova.com/update-your-account-information-now/myaccount/
SCREENSHOT :

NOTE : Phishing was removed.

(no subject)

السلام عليكم انا مدام نادية محمد اريد منك ان تساعدنى لاننى لدى مشروع اريد ان اعرضه اليك لذا ارجو منك التواصل معى على هذا الايميل

nadia55mohammed@gmail.com

Translation :

Salam alaikum. I am Madame Nadia Mohamed. I want you to help me because I have a project I want to introduce to you so I hope you can contact me on this email

Nadia55mohammed@gmail.com

Email analysis :

NOTE : nadia55mohammed@gmail.com
NOTE : ib@caucasus.net
NOTE : Received : from webmail.caucasus.net
NOTE : (unknown [213.157.215.234])

NOTE : by mail.caucasus.net (Postfix)

Rich and Famous

JOIN THE GREAT ILLUMINATI BROTHER HOOD TODAY AND LIVE A BETTER AND HAPPY LIFE. WELCOME TO THE GREAT TEMPLE OF RICHES AND FAME. Are you a business, Man, politician, musical, student and you. want to be rich, powerful and be famous in life. You can achieve your dreams by being a member of the Great illuminati brother hood. With this all your dreams and heart desire can be fully accomplish, if you really want to be a member of the great illuminati brother hood, contact the Lord illuminati now, Note: newly recruited members are entitled with 100 thousand US Dollars , A Golden Ring, that will protect and guild you from enemies, and a free visa to United State Of America . Please will do not share blood. Do not miss this opportunity. Call Jack lord Now . ¡¡¡ +19066620480. Or email now on: illuminatitemple792@gmail.com

Email analysis :

NOTE : illuminatitemple792@gmail.com
NOTE : gcdash@nitrkl.ac.in
NOTE : X-Originating-Ip : [172.16.0.20]
NOTE : Received : from zmbox2.nitrkl.ac.in
NOTE : (zmbox2.nitrkl.ac.in [172.16.0.24])
NOTE : X-Mailer : Zimbra 8.6.0_GA_1194 (zclient/8.6.0_GA_1194)
NOTE : Received : from mailhost2.nitrkl.ac.in (saraswati.nitrkl.ac.in. [27.48.137.18]

Tammy Joorst (Email Leak)

Good day

how can you supply me?

Email analysis :

NOTE : 3563909@myuwc.ac.za
NOTE : 3556254@myuwc.ac.za
NOTE : regie44@outlook.com

Email leak :

saymorebc@hotmail.com, sayyashdesigns@yahoo.com, sazdesign67@yahoo.com.au, sbaladev_24@yahoo.com, sbasnyat@las-cruces.org, sbbwa.secretary@gmail.com, sbc@sbcinv.net, sbc4radio@yahoo.com, sbghosh@hotmail.com, SBIRRO1984@hotmail.com, sbrady@hotmail.com, sbryson@westernleisureservices.com.au, sbsbjulia@gmail.com, sbugan@ncpg.gov.za, sburdisso@hotmail.com, scampbell3523@gmail.com, scampher@gmail.com, scamwarners9@gmail.com, scanvps@hotmail.com, scardoso_1@yahoo.com.ar, scarfyw1@yahoo.com.au, scarletcourierupdate@yahoo.co.uk, scc.info@tsogosun.com, scchiou_43197@yahoo.com.tw, scentedcandlelady@gmail.com, schakrabarty@gmail.com, schalk.ltgroep@mailbox.co.za, scharvest@gmail.com, scheffer.luana@gmail.com, schewitzl@gmail.com, schickelizabeth@hotmail.com, schoa2014@gmail.com, schoeman.yolandy@gmail.com, schoemanattorneys@gmail.com, scholtzrg@gmail.com, School@yahoo.de, sclsis@hotmail.com, scmibs@hotmail.com, sconature@gmail.com, sconejumpclub@hotmail.com, scordony@hotmail.com, SCOssiya@hotmail.com, scott_lee2000@yahoo.com, scottadamslv@gmail.com, scottandersonelectrical@gmail.com, scottandersonelectrical@gmail.co, scottdishner@gmail.com, scottjohn06@hotmail.com