Tuesday, October 10, 2017

Lors votre dernier achats (Phishing Société Générale)

Adhésion : Faite votre demande en ligne en cliquant-ici

Email analysis :

NOTE : Received : from 5.62.57.67 (IP may be forged by CGI script)
NOTE : by infong73.kundenserver.de
NOTE : Return-Path : < noreply@nrj.fr >
NOTE : noreply@nrj.fr
NOTE : X-Mailer : PHPMailer [version 1.73]

Phishing screenshot :


Phishing analysis :

CLICK : Faite votre demande en ligne en cliquant-ici
OPEN : http://hinsorn.ac.th/obeclms/osita/
REDIRECT : http://seraylv3.beget.tech/near/sg/ce18c0b32e0328aa61d8c9d10b1f34c6/
SCREENSHOT :


SPOOFED EMAIL : noreply@nrj.fr

Hi User, I sent you message on your LinkedIn network (LinkedIn Phishing)

Information from scam.cz :

- The linkedIn phishing has other formulas.
- Same phishing link as in this phishing.


Email analysis :

NOTE : dir-finance@meu.edu.jo
NOTE : X-Originating-Ip : [105.112.16.77]

Hi User, Ahmed Kinawy invitation is awaiting your response. (LinkedIn Phishing)

LinkedIn
Ahmed Kinawy wants to add you to their network

mahmoud ahmed
Ahmed Kinawy
CEO at RIOTRADE BUSINESS GROUP
Dubai:· 5,640 connections
Accept Ahmed's invitation

LinkedIn is a social network and online platform for professionals. Learn More
Unsubscribe | Help

You are receiving Invitation emails. LinkedIn will use your email address to make suggestions to our members in features like People You May Know.
This email was sent to you.
LinkedIn

© 2017 LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2. LinkedIn is a registered business name of LinkedIn Ireland Unlimited Company. LinkedIn and the LinkedIn logo are registered trademarks of LinkedIn.

Email analysis :

NOTE : hsmuisem@meu.edu.jo
NOTE : Received : from [172.20.10.3] (105.112.24.147)


Phishing screenshot :


Phishing analysis :

CLICK :
OPEN : https://florenciaeventos.com.ar/jkk/i.php
REDIRECT : https://florenciaeventos.com.ar/Lin/www.linkedin/c393e7e29942131cf98a4f0aecb5c2a2/
SCREENSHOT :


FILL : FORM
REDIRECT : https://florenciaeventos.com.ar/Lin/www.linkedin/c393e7e29942131cf98a4f0aecb5c2a2/index2.html
SCREENSHOT :

PAYMENT DETAILS (Western Union Scam)

Attn:

Western Union money transfer center has completed the trace of the money transfer directed to you. We are redirecting a fund transfer to you. Your lump sum payment is ready since 14th September. You have to claim it now or it will expire soon. There a PIN Code on your western union account so no agent can claim your points. Because you have not used your WU Points since you started to use western union services, your points have doubled and accumulated. This has earned you over $17,000 overtime.

Please note; Each time you receive or send money from western union, you earn points for the service. This points can be converted to money after a period of time. Some western union agent will not tell you this and they will use up your western union points and convert them to free cash payment from western union. This is the reason why western union withdraws the licenses from many of our agents. If your agents refused to give you information about your western union points, don't argue, just write to western union and your points will be revealed to you. Make sure to keep your western union card safe if you don't have a western union card you can also demand the card from any of our western union agents.

Western Union After claiming you lump sum. It will start again from zero. Please, reply and include on this email your:

Full Names:
Date of Birth:
Address:
Telephone:

Western Union will send your mtcn number to pickup cash daily from any of our western union agent location near you.

Signed:

Dr. Karlina Herman,
Western union money transfer (WUMT)
www.westernunion.com

� 2017 Western Union Holdings, Inc., All Rights Reserved.

Virus-free. www.avg.com

Email analysis :

NOTE : westernunion@englandmail.com
NOTE : ecashport@post.com
NOTE : Received : from User (e2.starplexx.com [92.51.240.121])


NOTE : (Authenticated sender: test@chlazeni.cz)

Monday, October 9, 2017

COMPENSATION FOR SCAMMED VICTIMS.

CENTRAL BANK OF NIGERIA
Plot 33, Abubakar Tafawa Balewa Way
Central Business District,
Cadastral Zone,
Abuja, Federal Capital Territory,
Nigeria
P.M.B. 0187,
Garki Abuja.
Nigeria.

ATTN: BENEFICIARY,

COMPENSATION FOR SCAMMED VICTIMS.

You are been officially contacted today because your funds werer e-deposited into the "Federal Suspense Account" of CBN last Month,because you did not Claim your funds as the rightful beneficiary from our corresponding bank, this payment serves as a compensation to scammed victimS to recover part of the money that they were defrauded by the trick stars.

Well known to all, the Central Bank of Nigeria is the mother Bank of all commercial Banks here in Nigeria as well as Nigeria beign the ECOWAS Chieftain country in Africa ,due to the amount of scamming systems used by the fraudlent officers and staffs working in the bank who manipulated and forged government information and also hacked and manipulated the beneficiaries details to their fraudulent use and dupe them of their money, in this respect international monetry fund IMF and CBN put a restriction that no fund will be deducted or withdrawn by any staff or officer for any reason so it has to be putting under a high insurance bond that makes it impossible for the impostors to divert or withdraw any money,be it staff or officer.

This morning at about (10:00am Standard Pacific Time) i was alerted by my Secretary that three men and a Lady were at my Office reception Waiting to see me,to my surprise they were two Canadians and a Nigerian attorney, they introduced themselves as (Mr. Tim Parker, Mr. Roland Gulf, Both from Canada), accompanied with them is a Nigerian attorney With the name (Barriester Lambart Nnamdi), and Miss Hellene Rose.

Really these men were unexpected by me because their visit was impromptu and unusual, i had to ask them why they came to see me,they said that they were here to collect the overdue funds which rightfully belongs to you, on your behalf, these foreigners actually claimed this beyond reasonable doubts, that you are no more alive.

I asked them who authorized them to come down to Nigeria for the Collection of this Payment, they told me that your relatives asked them to come and collect these funds on your Behalf, infarct it was the biggest shock that this Bank have ever received so far because you'r overdue funds is still in the"Federal Suspense account" of CBN, yet you sent these men to come and Collect the Funds on your behalf without notifying us.

We in this Bank do not understand why you sent these men to come and Collect your funds on your behalf, if actually you wanted them to help you collect your overdue bill Sum, at least you Should have informed me as the Executive Governor of this Bank.they tendered some vital documents which proved that you actually sent them for the collection of these funds, honestly, it really baffled me that you took such decision Without my consent.

Here are the documents which they tendered to this Bank today:
1. LETTER OF ADMINISTRATION.
2. HIGH COURT INJUCTION.
3. RELEASE ORDER.
(4) DEATH CERTIFICATE.

These documents which they tendered to this noble Bank is a clear Proof that you sent them to Collect this funds for you, finally, i told them to come back by Monday morning and they promised to come back,kindly clarify us on this issue before we make this Payment to these foreigners who came on your behalf, you are also required to send your full information to me as Stated below:Due to diversion and manipulating acts by some staffs,there is a restrictions placed on the funds to avoid fraudulent acts by the impostors again, that is what we are trying to wipe out from our foreign beneficiaries, if you want your funds contact the assigned office.

You’re full Names...
Home Address...
Active Telephone Number...
A scan copy of your international passport

Awaiting your urgent reply through this email

Email analysis :

NOTE : cbnpaymentnotifica@yahoo.co.nz
NOTE : 66.163.186.204

Thursday, October 5, 2017

Your Apple ID: Access from new web or mobile device (Apple ID Phishing)

Dear Apple Customer,

This email was generated because of a login attempt from a web or mobile device located at 88.190.229.170 (FR). The login attempt included your correct Apple ID and password. The Apple ID Guard is required to complete the login. No one can access your account without also accessing this email. You are unable to access your account. Please use this account specific recovery link for assistance recovering your account.

Recovering my account

Thanks,
The Apple Team
https://support.apple.com

TM and copyright © 2017 Apple Inc. 1 Infinite Loop, MS 96-DM, Cupertino, CA 95014.
All Rights Reserved / Keep Informed / Privacy Policy / My Apple ID

Email analysis :

NOTE : Return-Path : < f@node02.facesharedasia1.com >
NOTE : Return-Path : f@node02.facesharedasia1.com
NOTE : Mime-Version : 1.0
NOTE : Content-Type : multipart/alternative; boundary="===============1462413996=="
NOTE : Received-Spf : client-ip=216.127.151.37;
NOTE : Received : from WIN-6Q15KS5IKGJ ([216.127.151.37])


NOTE : Received : from [38.121.232.25]


NOTE : Your Apple ID: Access from new web or mobile device

Phishing analysis :

CLICK : Recovering my account
OPEN : https://pmb.stiemmamuju.ac.id/index1.html
REDIRECT : http://inboxaus.com/apple/627f3b5930cd81c983453025ffe207da/login.php?ip=*
SCREENSHOT :


VALIDATE : FORM
REDIRECT : http://inboxaus.com/apple/627f3b5930cd81c983453025ffe207da/suspended.php?ip=*
SCREENSHOT :


CLICK : Confirm My Account
REDIRECT : http://inboxaus.com/apple/627f3b5930cd81c983453025ffe207da/personal.php?ip=*

IMF REPS BENIN

Attention

We have concluded to transfer your payment- through-western union $3,000 daily until the$1,7million US is completely transferred to you accordingly. Though,Director John Basil has sent $3,000 in your name today so contact Agent:below with your full Name,phone contact and address

Name:Raymond Ejide
TEL: +22999613677
Email:unionwestern235@gmail.com

So hasten up and give the agent a call to process your payment at once.Ask him for the MTCN sender name and test Question/Answer to pick up your first payment of $3,000, and also ask him how much it will cost you for the transfer.

ThanksFrom Hon Mr.Wayne Power
IMF REPS BENIN

Email analysis :

NOTE : unionwestern235@gmail.com
NOTE : "WWW."@ninus.ocn.ne.jp
NOTE : X-Originating-Ip : [41.74.9.27]

Monday, October 2, 2017

Re-Change of Funds Ownership.

Attention: Beneficiary.

Re-Change of Funds Ownership.

This is to bring to your notice that the Ecowas Chairman President Faure Gnassingbe, has constituted a 10 man investigative Panel and foreign Debts reconciliation committee, which I am the Chairman of the presidential committee saddled with the responsibility to investigate all the banks here in Ecowas, who has trapped and held beneficiaries Compensation/inheritance/NNPC contract Fund claims unpaid. To settle all the foreign debt after his recent Telephone conversation with the World Bank and other officials of the United Nation to enable him give a zero tolerance to corruption in his regime. I am solely in charge of all foreign payments. At the commencement of my official responsibility geared towards payment to foreign beneficiaries. I received a letter that your unclaimed approved payment by the Ecowas Banks which has been overdue for payment should now be paid to Gary Johnson Lee from your Country. In the said letter titled change of Beneficiary/Ownership. Its clearly stated that you are dead and that he is your next of kin, it went further to say you signed a deed and an agreement with Gary Johnson Lee to become your beneficiary before your untimely death. Officially arrangement had been concluded for the approved funds transfer into his account. But because of the elaborate global scam, I decided to contact you first for confirmation before transferring the funds and if after seven working days, no response is received from you, it will be assumed that you are dead and as such authorization and approval will be granted on behalf of Gary Johnson Lee to claim/receive your fund. But if you are well and alive then confirm this letter and reconfirm your Information without any further delay. Send your responses to me Immediately by email.

Below is the information you are expected to re-confirm.

Full Name: ......
Address: .......
Nationality:......
Sex: .....
Age: .....
Date of Birth: ......
Occupation: .............
Mobile Phone: .......
Driver's license or any copy of Your Identity: .....

Please feel free to contact me on this email address (inforenqu11@gmail.com ) only for further clarifications regarding this matter.

Sincerely, I WAIT FOR YOUR URGENT RESPONSE.

YOURS IN SERVICE ,

Dr.Buam Atekpa
SECRETARY AMNESTY PANEL COMMITTEE EMAIL :
inforenqu11@gmail.com

Email analysis :

NOTE : inforenqu11@gmail.com
NOTE : officee35@daum.net
NOTE : fortunataapple@gmail.com
NOTE : X-Originating-Ip : [41.86.234.162]

Money Gram global money transfer services

Attention,

Following the instruction to pay all scam victims $1.8 Million each by IMF through Money Gram service, we wish to inform you that your email address was one of the lucky ones to receive this prize. You will be receiving $5000 daily until the whole amount is completely transferred to you, today we have already sent you $5000, but to make sure that there is no mistake; the reference information cannot be forwarded now until you confirm the following:

1. Name
2. Address
3. Phone
4. Occupation
5. Age
6. Country

The above information should be directed to: Dr Jonathan Ebele, at this email: jonathaneble009@gmail.com. telephone number: +22998650656, also include this transaction

secret code: MGX678G. Note: Your file will expire after 7 days if there is no response, then we will not have any option than to return your fund to IMF as unclaimed.Your swift response will enhance our service, thanks for your co-operation

Regards,

Dr Desmond Eric

Money Gram global money transfer services

Email analysis :

NOTE : "www."@axel.ocn.ne.jp
NOTE : jonathaneble009@gmail.com
NOTE : X-Originating-Ip : [197.234.219.18]