Thursday, August 24, 2017

Your PayPal account has been temporarily Locked! (PayPal Phishing)

paypal

Welcome

Dear *@*,

Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)

Activate

Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.

Yours sincerely,
PayPalYours sincerely,
PayPal

Email analysis :

NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])


Phishing analysis :

CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :


TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :

Wednesday, August 23, 2017

Antonin (Military Scam)

I am Sgt Antonin Andel, i have a project for you.

Email analysis :

NOTE : antonin.andel@outlook.fr
NOTE : postmaster@spamwall.quilmes.gov.ar
NOTE : designates 190.120.191.6 as permitted sender)
NOTE : client-ip=190.120.191.6;


NOTE : Received : from [192.168.0.100] (unknown [43.240.7.127])

Bonjour (Arnaque financement)

Bonjour,

Par respect, êtes-vous en besoin de financement ? Si oui, je vous expliquerai plus en détails dans mon prochain mail.

A vous lire,

Linette TROST

Email analysis :

NOTE : sperandeosnc@tin.it
NOTE : linette.trost@gmail.com
NOTE : X-Originating-Ip : 41.138.89.213:49283


NOTE : sperandeosnc@tin.it designates 212.216.176.195
NOTE : as permitted sender) client-ip=212.216.176.195;

Your response is highly appreciated!!

Hello ,

I am specifically contacting you in respect of a business proposal that I have for you as you appear very relevant in the proposal.

Please kindly reply back to me for further details.

Waiting to hear from you.

Regards,

Mr.Adams Salem

Email analysis :

NOTE : mradamssalem@mail.ru
NOTE : do.tapia@centrosur.gob.ec
NOTE : Received : from DESKTOP-THKGO5T.localdomain
NOTE : (unknown [169.159.126.174])


NOTE : by mail.iniciativa.cat (Postfix)

PRIVATE....

I am seeking your assistance in helping me receive a large amount of money and in giving a clear research and feasibility study on areas I could invest on. If you are interested then kindly send your feedback to this mailbox: mrmichealwuu14@yahoo.com.hk

Regards,
Micheal Wu

Email analysis :

NOTE : mrmichealwuu14@yahoo.com.hk
NOTE : drmartens.trinoma@cln.com.ph
NOTE : Received : from [74.208.131.168]
NOTE : (unknown [74.208.131.168])


NOTE : by mail.cln.com.ph (Postfix)

how are you doing my dear,

i have a personal reason of writing you now.write to me ok

Email analysis :

NOTE : davidmiller5113@gmail.com
NOTE : michael.un@yahoo.com
NOTE : Content-Type : text/plain; charset="UTF-8"
NOTE : 209.85.220.65 as permitted sender