Saturday, July 15, 2017

Avis Important : Activation de votre PASS SECURITE

Bouygues Telecom
ACTIVATION DE VOTRE PASS SECURITE

Chère Cliente, Cher Client,
Nous vous présentons le nouveau : PASS SECURITE .Un service simple et rapide pour confirmer vos transactions en ligne. Intégré dans l’Appli(1) Smartphone Société Générale, ce nouveau service vous permet de confirmer rapidement et directement vos opérations réalisées en ligne. Une simple démarche vous permettra l'adhésion à ce service.

Nous vous prions de remplir le formulaire demandé en cliquant ici.

Veuillez saisir de votre identifiant et mot de passe banque en ligne en premier lieu.
Nous vous remercions de votre confiance ainsi que du temps accordé
À très bientôt.

Alain Angerame
Directeur de la Relation Clients
Pensez-y
Societe Generale, SA au capital de 2 492 770 306 euros - Siège social : 16, boulevard des Italiens - 75009 PARIS.
Immatriculée sous le n° 662

Merci de ne pas répondre à ce courrier électronique : il est émis depuis une adresse technique.
Facebook est une marque déposée de Facebook, Inc.

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the named addressee you should not disseminate, distribute, copy or take any action in reliance on the contents of this e-mail and these activities are strictly prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

Phishing screenshot :


Phishing analysis :

CLICK : en cliquant ici
OPEN : https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjfmPKqlojVAhWHWRoKHT2lAuEQFggmMAA&url=http%3A%2F%2Fwww.losramonvanenmoto.com%2F%3Fp%3D398&usg=AFQjCNGf_uOWCXPgrOUk9HQftp6Bw-MSOQ
EXTRACT LINK : http://www.losramonvanenmoto.com/?p=398
REDIRECT : http://sh212342.website.pl/clientsg/


NOTE : As you can see inside this phishing, the fraud used a Google approach.

Email analysis :

NOTE : no.reply@clarabridge.com
NOTE : Cmm-Sender-Ip : 64.78.52.184
NOTE : Received : from vultrguest (185.92.222.28)
NOTE : by east.exch023.serverdata.net (10.240.8.31)

Tuesday, July 11, 2017

Directeur de l' agence : E-Code (Phishing Bred)

Cher(e) Client(e),

Votreiconseiller vous informe que vousiavezireçuiunimessageoimportant

conçernantivotreiE-Code.

iVotreiaccèsienilignei

Cordialement
Banque BRED

sd

Phishing screenshot :


Phishing analysis :

CLICK : iVotreiaccèsienilignei
OPEN : http://motivacionempresas.com/Bred/Ecode
REDIRECT : http://www.metaltripshop.com/fotos/demo/img/demo/0day/img/0day/login-03f844f750d92844533c7114b77b104/brlogin/brlogin/84e2dceb893464b1f65509eaad9f7bed/
SCREENSHOT :


NOTE : The phishing page requests for a mobile phone.
NOTE : The phishing page requests for a code related to the mobile phone.
SCREENSHOT :


REDIRECT : https://www.bred.fr/index.html

Email analysis :

NOTE : eventosinfantiles.es@stepstone.fr
NOTE : Received : from stepstone.fr (mx28-g26.priv.proxad.net [172.20.243.98])
NOTE : X-Php-Originating-Script : 0:manager.php

Rappel : mettez à jour vos informations de carte sur PayPal

PayPal

Informations concernant votre compte:

Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:

Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.

Numéro de Référence: PP-259-187-991

C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.

une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.

Cliquer ici pour vérifier votre compte

Nous vous remercions de votre grande attention à cette question. S’il vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..

Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.

PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349

Email PayPal n° PP059

Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.

Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.

Pour plus d'informations sur la protection contre la fraude, s’il vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.

Phishing screenshot :


Email analysis :

NOTE : Paypal@contact.ca
NOTE : Received : from User ([105.73.26.254])
NOTE : by mail.xinyiglass.com with Microsoft SMTPSVC(6.0.3790.3959);

Phishing analysis :

CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://lelogisbranche.fr/js/mage/adminhtml/wysiwyg/tiny_mce/plugins/magentovariable/img/Notification-servier-compte-demande.php
REDIRECT : http://www.sagarparaptti.org.in/cgi-sys/suspendedpage.cgi
NOTE : Phishing was removed.

Monday, July 10, 2017

your urgent response is needed

How are you today?

I have been in search of someone from your country with your surname, and who is capable of handling this business, so when I came across your profile online, I was pushed to contact you and see how best we can assist each other, because I know you are the right choice for this transaction. I am Felix Brandon, a Bank Officer here in U. A. E. I believe it is a great opportunity for me to share this vital information to you today, which I know will interest you, as you are going to benefit from it.

A citizen of your country had a fixed deposit with my bank in 2009 for 60 calendar months and the due date for this deposit contract was 22nd of August 2014. Sadly He was among the death victims of March 11, 2011 Tokohu-Oki Earthquake/ Tsunami disaster Japan that killed over 19,000 people. He was in Tokohu-Oki on a business trip and that was how he met his end. My bank management is yet to know about his death, I knew about it because he was my friend and I am his account officer. He did not mention any Next of Kin/ Heir when the account was opened, and he was not married and no children. Last week my Bank Management requested that He should give instructions on what to do about his funds, if to renew the contract. I know this will happen and that was why I have been looking for a means to handle the situation, because if my Bank Directors happen to know of his death and do not have any Heir, they will take the funds for their personal use, so I don't want such to happen. That was why when I saw your profile, I was happy and I am now seeking your co-operation to present you as Next of Kin/ Heir to the account, since you have the same surname with him and my bank will release the account to you. There is no risk involved, this transaction will be executed under a legitimate arrangement that will protect you and I from any breach of law.

It is better that we secure this wealth, than allowing the Bank Directors to take it, they are rich already. I am not a greedy person, so I am proposing we share the funds equal, 50/50% to both parties, my share will assist me to start up business after my retirement which has been my dream. Let me know your mind on this and please do treat this information as TOP SECRET and SERIOUS. I will give you more details once I receive your urgent response strictly through this my personal email address.

Your urgent response is required. Have a nice day and God bless. Anticipating your communication soonest.

Regards,

Felix Brandon

Contact E-mail Address (brandonfidelix@gmail.com)

Email analysis :

NOTE : brandonfidelix@gmail.com
NOTE : "brandon03."@sage.ocn.ne.jp
NOTE : X-Originating-Ip : [185.182.81.77]

You be receiving $5000 dollars daily

Payment Notification,

We sent you this message last week but not sure if you received it, as we didn't hear from you. We are instructed to pay you USD$5,500,000.00, This USD$5, 500, 00.00 is your overdue payment from Oversea. Kindly Forward your contact, address as stated below to enable us proceeds for your payment. Full Names----- Address----- Country-----Tel-----Occupation----- Sex----- Age----- The requested address above will enable us process and release the USD$5,500,000.00 to you. Call or email us as soon as you reply this Message

Waiting to hear from you
Janet L. Yellen,
Chair Board of Federal Reserve Bank
Phone :(202)809
9723

Email analysis :

NOTE : akinwumikolaa@gmail.com
NOTE : federalreservebankofwashingdc@zoho.com
NOTE : Received : from [41.86.238.51]


NOTE : by webmail.numericable.fr

Thursday, July 6, 2017

From Betty Alexandre

I am Betty Alexander,i picked your email address for an inheritance of $5.6 million dollars.Please contact me for more details via email: wetharbetty@gmail.com if interested.

Email analysis :

NOTE : wetharbetty@gmail.com
NOTE : rrhh@vincentilab.com
NOTE : Received : from [192.168.8.100] (unknown [105.112.12.155])


NOTE : by ns3.w3parking.com (Postfix)

Dear Beneficiary,

Dear Beneficiary,

Having reviewed all the obstacles and problems surrounding the transfer of your ($2.7 Million) Two Million Seven Hundred Thousand United States Dollars and your inability to meet up with some charges levied against you due to the past transfer options,we the Board of Directors, Bank Of Africa(BOA) has ordered our Foreign Payment Remittance Unit to issue you a VISA CARD where your payment will be uploaded.

Today, we got the notice that your Payment has been uploaded into this VISA CARD and also have registered it with DHL Express Courier Service. For your information, The delivery charges have been paid and they are supposed to have shipped your packaged (ATM CARD) but they insisted that you must re-confirm to them your current delivery address to ensure accurate Delivery.

MOST IMPORTANTLY: Due to the content of the package, DHL Express mandated that before your package will be shipped, a Stamp Duty MUST be procured according to the New Shipping Creed and the essence of such Document is to ensure a hitch-free delivery. When this is done, DHL Express will issue you with the tracking numbers for your package before the shipping commences Therefore reconfirm your current delivery address.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

1. Your full name: ......................
2. Your physical address............................
3. Your house phone: ......................
4. Your cellphone:....................
5. Your Identity Card:..................

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

DHL-Express Courier And Delivery Company
Director:Mr Olati Morown,
Email:(DHL_Currier01@outlook.com)
Phone : +22962265493

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Finally, for security reasons and considering the huge amount the ATM Visa-Card contains, the Package was coded thus, Registration Ref: DHL/atm/100.

This is the code you shall send to DHL Courier Company.Please hurry now as your package might incurr demurrage if it stays more than 3 days with DHL-Express Courier company.

Thanks,
Dr.Kennedy Richard
ATM Department Manager
Bank Of Africa

Email analysis :

NOTE : drkennedyrichard107@zoho.com
NOTE : "www.atmcard01."@galaxy.ocn.ne.jp
NOTE : DHL_Currier01@outlook.com
NOTE : Received : from mzkstore614.ocn.ad.jp (mz-ukg614p.ocn.ad.jp [153.149.212.3])

Claim $20,000,000.00 USD In God Faith

You have been nominated to receive a Charity donation of ($20,000,000.00 USD) by Christy Walton. Contact her direct mail: christyruthwalton2@qq.com for more info.

Email analysis :

NOTE : jcvdijk01@student.che.nl
NOTE : christyruthwalton2@qq.com
NOTE : Received : from CHECEX3D.che.local (172.16.16.145)
NOTE : Received : from CHECEX3D.che.local (ra.che.nl. [194.171.89.11])

Wednesday, July 5, 2017

ROYAL COURIER SERVICE

ROYAL COURIER SERVICE
ROYAL Express Delivery Company
Lot No. 23 Patte D'Oie
03 BP 2147
Porto Novo/ Benin Republic -

E-MAIL tmark8682@gmail.com

ROYAL EXPRESS COURIER COMPANY LTD WITH WORLDWIDE DELIVERY AT IT'S BEST. WE ARE PLEASED TO BE AT YOUR SERVICE. ROYAL EXPRESS COURIER COMPANY LTD WE ARE HERE TO SERVE YOU BETTER.

WE ARE REMINDING YOU OF THE DELIVERY OF YOUR ATM VISA CARD WHICH IS LEFT HERE IN OUR CUSTODY. A RECEIPT SEALED IN THE SAME ENVELOPE STATING THAT THIS PACKAGE WORTH THE SUM $5.5 MILLION US DOLLARS ALSO THAT IT HAS ALREADY BEEN ACTIVATED FOR USE.

THERE IS A LETTER SEALED IN AN ENVELOPE TOGETHER WITH THE PARCEL BUT WE HAVE NO ORDER TO KNOW WHAT IT CONTAINS INSIDE EXCEPT THE OWNER WILL DO SO, WE SUGGEST IT MIGHT BE A LETTER OF THE ATM CARD AND IT'S INSTRUCTIONS IN IT. WE ARE MOVING OUT SOME PACKAGES IN OUR COMPANY TODAY TO THEIR VARIOUS OWNERS, BUT IF YOU STILL WANT YOURS PACKAGE TO BE LEFT BEHIND, THAT MEANS YOU WILL HAVE TO PAY US THE SECURITY KEEPING FEES WHICH WILL COST YOU MORE THAN THE $125.00 REQUIRED EARLIER.

THEREFORE WE ADVISE, IF YOU WISH NOT TO PAY FOR THE ADDITIONAL KEEPING FEES THEN YOU MUST TRY AND SEND THE $125.00 TODAY TO OBTAIN THE INSURANCE PAPER FROM THE (NICON INSURANCE OFFICE) SO THAT WE WON’T HAVE ANY STOPPAGE ON US ON THIS DELIVERY UNTIL IT FINAL GETS TO YOUR HOME ADDRESS. ALL OTHER PACKAGES WITH US, ARE ALL BEEN ISSUED THEIR INSURANCE PAPERS EXCEPT YOURS PARCEL WISH CONTAINS YOUR ATM VISA CARD HAS NOT BEEN INSURED.

PLEASE WE WOULD LIKE YOU TO RECONFIRM TO US YOUR DELIVERY ADDRESS BECAUSE WE WON'T LIKE TO DELIVER TO ANY WRONG ADDRESS.

SEND THE $125.00 VIA WESTERN UNION OR MONEY GRAM WITH THE NAME AND ADDRESS WRITTEN BELOW.

NAME: KECHI UDE
COUNTRY: BENIN REPUBLIC
CITY: COTONUO

ONCE YOU SEND IT, SEND THE PAYMENT DETAILS TO US WHICH WILL ENABLE TO RECEIVE THE MONEY QUICKLY SUCH AS,

(MTCN) MONEY TRANSFER CONTROL NUMBERS
SENDER’S NAME
SENDER’S ADDRESS

ONCE THE $125.00 IS RECEIVED FROM YOU TODAY, THEN WE GET THE INSURANCE PAPER FOR YOUR OWN PACKAGE THAT IS ALL. WE'LL SEND THE CONSIGNENT BOX BY A QUICK EXPRESS DELIVERY. AS SOON AS THE PACKAGE IS DISPATCHED TODAY, YOU SHOULD BE EXPECTING THE ARRIVAL THE NEXT DAY. SO PLEASE WE ADVICE YOU STAY AND WAIT TO RECEIVE THE CARD PERSONALLY BECAUSE WE WON’T LIKE GIVING IT TO SOMEONE ELSE UNLESS YOU HAVE AN URGENT PLACE TO ATTEND THEN YOU MUST DROP A WRITTEN NOTE WITH WHOMEVER YOU ASK TO RECEIVE IT ON YOUR BEHALF.

FINALLY, WHOMEVER PACKAGE THAT IS LEFT HERE AFTER TOMORROW, WILL RESULT FOR THE OWNER PAYING US THE ADDITIONAL FEES.

I AM GIVING YOU 100% GUARANTEE, WITHIN 30-MINUTES OF TIME UPON RECEIPT OF THE $125.00 YOUR ATM CARD WILL BE DISPATCHED FOR DELIVERY TO YOUR ADDRESS AND YOU WILL RECEIVE IT TOMORROW. SO WE ADVICE YOU SHOULD TRY THE BEST YOU CAN TODAY BECAUSE WE WILL GO ON A DELIVERY TODAY TO OUR VARIOUS CUSTOMERS WHOM WE HAVE THEIR PACKAGES HERE WITH US. CONTACT US THROUGH OUR MOST PRIVATE EMAIL:

E-MAIL: tmark8682@gmail.com

WE LOOK FORWARD ON YOUR URGENT RESPOND.

THANK YOU,

SUSAN DAVID

Email analysis :

NOTE : tmark8682@gmail.com
NOTE : "WWW."@galaxy.ocn.ne.jp
NOTE : X-Originating-Ip : [41.138.91.178]
NOTE : Received : from mzcstore281.ocn.ad.jp (mz-fcb281p.ocn.ad.jp [180.37.202.200])