U.S ARMY IN AFGHANISTAN

Hi My Friend,

I am Col Brian D Kent, Commander of the, 3rd HBCT/ 3ID Sledgehammer Peace keeping Force deployed to Kabul, Afghanistan from Iraq. Can you be trusted? I have some Important items to ship to you, get back to me as per for more information Through my private mail { colbrian_dkent@aol.co.uk } I will explain further when I get a response from you.

Respectfully,
Col Brian D Kent
US 3rd HBCT Corps. Kabul

Email analysis :

NOTE : Content-Type : text/plain; charset="iso-8859-1"
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < info@captain.com >
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : Received : from zcs.gov.mg ([127.0.0.1])
NOTE : Received : from [180.215.247.79] (unknown [180.215.247.79]) by zcs.gov.mg
NOTE : X-Virus-Scanned : amavisd-new at gov.mg
NOTE : client-ip=41.190.238.151;

NOTE : Content-Description : Mail message body
NOTE : U.S ARMY IN AFGHANISTAN

Alert From Alibaba (Alibaba phishing)

Alibaba

Dear Valued User:

Alibaba service verification !

Your Alibaba service account needs an important email verification due to the new upgrade on our system security server. you are therefore required to verify your email account by following the reference below:

Click here now to get your email verified >>

Wishing you the very best of business!
Alibaba.com’s Service Team
This is an automated email. Please do not reply directly.

If you have any questions, please review the privacy protection rules
Hotline: 0571-85027110 E-mail: ali@alibaba-inc.com Service Center

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html
NOTE : Return-Path : < http@neo.backiel.com.pl >
NOTE : Received : from neo.backiel.com.pl (neo.backiel.com.pl. [194.88.154.10])
NOTE : Received : by neo.backiel.com.pl (Postfix, from userid 51)
NOTE : X-Php-Originating-Script : 51:mailer.php
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Alert From Alibaba

Phishing analysis :

CLICK : Click here now to get your email verified >>
OPEN : http://shopzza.com/alibaba/index.html
VALIDATE :

REDIRECT : http://shopzza.com/alibaba/processing.html

shopzza.com whois :

Domain Name: SHOPZZA.COM
Registry Domain ID: 1749924326_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: www.publicdomainregistry.com
Updated Date: 2014-10-06T18:34:16Z
Creation Date: 2012-10-04T19:31:54Z
Registrar Registration Expiration Date: 2015-10-04T19:31:54Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1-2013775952
Domain Status: clientTransferProhibited
Registry Registrant ID: PP-SP-001
Registrant Name: Domain Admin
Registrant Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org
Registrant City: Nobby Beach
Registrant State/Province: Queensland
Registrant Postal Code: QLD 4218
Registrant Country: AU
Registrant Phone: +45.36946676
Registrant Email: contact@privacyprotect.org
Registry Admin ID: PP-SP-001
Name Server: ns1.gvodns.com
Name Server: ns2.gvodns.com
DNSSEC:Unsigned
Registration Service Provided By: HOST-CARE.COM

Contact Michael Tim (Esq)

Irregular check card activity
American Express

Dear Customer,

We detected irregular card activity on your American Express Check Card on 21 October, 2014. As the Primary Contact, you must verify your credit card activity before you can continue using your card, and upon verification, we will remove any restrictions placed on your card. To review your account as soon as possible please click on the link below.

http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html

Thank you for your Card Membership.

-------------
American Express Customer Care
Fraud Department:
Erica Bermudez
Level III Security Officer

Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0)
NOTE : Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < ywvh@boston.sisna.com >
NOTE : Received : from host29.181-14-177.telecom.net.ar (181.14.177.29)
NOTE : Irregular card activity

Phishing analysis :

CLICK : http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html
NOTE : page was corrected by admin

ucsdiagnostic.com whois :

Domain Name: UCSDIAGNOSTIC.COM
Registrar URL: http://www.wildwestdomains.com
Registrant Name: Antonio Santoro
Registrant Organization: UCS DIAGNOSTIC S.R.L.
Name Server: NS1.OMNIBUS.NET
Name Server: NS2.OMNIBUS.NET
DNSSEC: unsigned

your payment is available.

Western Union®Welcome to Western Union
Send Money Worldwide
Our Ref:WUMT0XX2/987
Email; (richardwhite595@gmail.com).
Telephone: +22999867970.

Attention Dear Value Customer,

Welcome to Western Union Money Transfer Agent, We wish to inform you that the IMF have release your fund sum of $2,8 million US dollars issued on your name the money was deposited with us in this Office as MTCN credit card, we shall be sending the money to you everyday $5000.00usd until we complete the total payment. We are very glad to inform you that we have credit your first payment of $5000.00usd, but bare it in mind that the $5000.00usd will not be given to you except you pay for transfer charge which is $68.00, you have to pay the money through our service western union to the information we give you here, then after confirm the payment of $68.00 from you, we shall release your first $5000.00usd to enable you pick it up and get back to us for the second payment,As you can see here is the MTCN Number of your first payment which we credited for you today, track it with our website: www.westernunion.com, to confirm that your payment is available.

1)Senders Name::Godwin Onyia
2)MTCN Number::: 6890479748
3)Amount::: $5000.00 USD.

Track it with our website: www.westernunion.com

Note that on your reply this massage make sure you send the full information to this E-mail here(richardwhite595@gmail.com) Remember that the full details you can use to pick up this first payment will be send to you once we receive the transfer charge of $68.00, You have to treat urgent by reconfirming your full information to us immediately you receive this massage to enable us start the process of your payment immediately.

1.Your Full Name...
2.Your Address...
3.Your Tel Number....
4.Occupation.......
5.Country....
6.City.........
7.Age..........

These are the information about your money you can go to any western union to pick up the money, don't forget that you have to settle for the transfer charge before we can give the full information of your first payment of $5000.oousd we waiting to receive the above information from your so that we can direct you where to send the transfer charge of $68.00 which is only delay now, kindly get back to us with the required information so that we can direct you where to send the fee of $68.00. We looks forward to receive the transfer charge together with your full information, to enable us release this first $5000.00usd for you to pick it up and get back to us for the second payment ok. For more information's Call +229 9986-7970. Get Back ASAP.

Yours in service
MR. richard white.
Tel: +229 99867970..
E-MAIL:(richardwhite595@gmail.com)
Western Union Benin Republic Manager.

ADMIN.IN.TH

Whois Server Version 2.1.2

Domain: ADMIN.IN.TH
Registrar: T.H.NIC Co., Ltd.
Name Server: NS1.ADMIN.IN.TH
Name Server: NS2.ADMIN.IN.TH
Status: ACTIVE
Updated date: 15 May 2014
Created date: 2 Nov 2005
Renew date: 2 Nov 2014
Exp date: 1 Nov 2015
Domain Holder: Suphachai Phirungreng ( คุณศุภชัย ไพรรุ่งเรือง )
846/121 Bongmod Tungkru Bangkok
10140 TH

Tech Contact: 68990
บริษัท แอดมิน ซิสเต็มท์ อินเตอร์เน็ต โซลูชั่น จำกัด
511/15 ถ.ประชาอุทิศ แขวงทุ่งครุ เขตทุ่งครุ กทม.
10140 TH

EC21 Membership Update. (EC21 Phishing)

Date: 2014.10.29

Dear Valued User:
EC21.com service verification !

Your EC21.com service account needs an important email verification due to the new upgrade on our system security server. you are therefore required to verify your email account by following the reference below:

Click here now to get your email verified >>

Thank you.
EC21 service team
support@ec21.com

Dynamic Marketplace for Global B2B – EC21
Copyright(c) EC21 Inc. All Rights Reserved.

Phishing analysis :

CLICK : Click here now to get your email verified >>
OPEN : http://sudhasheth.com/EC21.com/index.html
VALIDATE FORM :

REDIRECT : http://supplier.ec21.com/

sudhasheth.com whois :

Domain Name: SUDHASHETH.COM
Registrar URL: http://www.wildwestdomains.com
Registrant Name: sudha sheth
Name Server: NS1.GVODNS.COM
Name Server: NS2.GVODNS.COM
DNSSEC: unsigned
Registry Registrant ID:
Registrant Name: sudha sheth
Registrant Organization:
Registrant Street: 1201,Era 4,MarathonNextgen ganpatrao Kadam marg,
Registrant City: Mumbai
Registrant State/Province: Maharashtra
Registrant Postal Code: 400013
Registrant Country: India
Registrant Phone: +91.9987498648
Registrant Email: shethsudha@hotmail.com

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html
NOTE : Return-Path : < http@neo.backiel.com.pl >
NOTE : Received : from neo.backiel.com.pl (neo.backiel.com.pl. [194.88.154.10])
NOTE : Received : by neo.backiel.com.pl (Postfix, from userid 51)
NOTE : Received-Spf : client-ip=194.88.154.10;
NOTE : X-Php-Originating-Script : 51:mailer.php
NOTE : Content-Transfer-Encoding : 8bit
NOTE : EC21 Membership Update.

Diplomat Louis Thomas

From:Diplomat Louis Thomas
United State, New York.

This is to inform you that your funds of US$7.5 Million has been approved for immediate delivery to you. For the purpose of clarification,you are advised to reconfirm your Full Names,Direct Mobile, Home, Office Telephone Numbers, Your International Passport or Driver's License,Physical Address with Zip Code and your so that there will been no error during the delivery of the funds to you in your country of residence. Your quick response will be highly appreciated.

From:Diplomat Louis Thomas

Reward Notification

Final Notification

We are delighted to announce that your e-mail address has just won you the sum of $2.5 Million in our E-mail free Online draws held in England October 2014. Your e-mail emerge in category A and you are entitled to reward sum of $2.5 with this Free Ticket Numbers:EGN658214. You are advised to immediately send your contact details to Dr.John J. Dignam.on his email address (johnkig2@aol.com) Tel: +447448769707 for immediate transfer of your reward cash prize to you. N.B. Any breach of confidentiality on the part of the Winners will result to disqualification, You are to immediately contact Dr.John J Dignam only with this email (johnkig2@aol.com)

Kind Regards
Dr.John K. Dignam.
Tel: +447448769707
Email: johnkig2@aol.com

Email analysis :

NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < 101@ushk.ru >
NOTE : Return-Path : 101@ushk.ru
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.00.2600.0000
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Mailer : Microsoft Outlook Express 6.00.2600.0000
NOTE : Content-Transfer-Encoding : 7bit
NOTE : X-Clientproxiedby : EX-CA-MB-01.USHK.RU (fc00:1:1:1::15)
NOTE : To EX-CA-MB-01.USHK.RU (fc00:1:1:1::15)
NOTE : Content-Type : text/plain; charset="Windows-1251"
NOTE : Received-Spf : client-ip=195.58.7.97;
NOTE : Received : from mail.ushk.ru (mail.ushk.ru. [195.58.7.97])
NOTE : Received : from User (192.168.0.1) by EX-CA-MB-01.USHK.RU (fc00:1:1:1::15)
NOTE : Final Notification

Rép : FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR

FEDERAL RESERVE BANK,
Intl. Banking Centre
33 Liberty street, New York
NY 10045

To: Sir,

This message is intended for the named recipient only and may contain privileged and confidential information. If you have received this in error, please notify us immediately. Please do not disclose the contents to anyone or copy it to outside parties. Thank you.

RE: FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR

We write to you regarding the difficulties you have been having in receiving your long over dued payment, based on the reports by the FBI, The Government has issued an express order that all beneficiaries such as you be paid immediately, the government will buy back the debt owed to you and recover the funds itself because it will be impossible for you as an individual to receive the payment, Following the directives of the government regarding your over delayed payment, we wish to let you know that we have been having a series of meetings with the Department of Homeland Security,Washington, USA, the United Nations and the World Bank regarding the immediate release your funds to your designated bank account. We wish to explain further that we were authorized to release the funds to your account immediately to avoid all you have been going through in the past, we have verified and approved the funds for immediate remittance to your account, to this end we advise that you send the following information to me via email so we can commence with the transfer immediately.

Your full name:
Your Telephone Number:
Your Home Address.
Your complete banking details
Your Occupation
The expected amount

Once we receive the information we will verify them and then get back to you with the final transfer process. Your urgent response to this message is expected, you are advised to STOP all communications with anyone else regarding this payment, if the government discovers that you are still making contacts with other people we will be forced to cancel this payment permanently and I assure you it will never be paid again. Your urgent response shall expedite the remittance of your funds within the next few banking days.

Kindly contact us via this email add ( info@federalreservebank.tk )

Regards,
MS. CHRISTINE CUMMING
Vice President

Email analysis :

NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < federalreservebank3@yahoo.es >
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.00.2600.0000
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : Content-Transfer-Encoding : 7bit
NOTE : X-Mailer : Microsoft Outlook Express 6.00.2600.0000
NOTE : Content-Type : text/html; charset="Windows-1251"
NOTE : Received : from unknown (HELO s18541.pbxtra.fonality.com)
NOTE : (207.8.234.158)
NOTE : Received : from User (pbxtra18541 [127.0.0.1])
NOTE : by s18541.pbxtra.fonality.com (Postfix)
NOTE : Rép : FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR

INTERNATIONAL DEBT SETTLEMENT DEPARTMENT

ATTENTION BENEFICIARY

Am Jim Eric White United Nation Organization representative in west Africa with base in Benin Republic going by series of petition received from International Financial Agencies on the way your inheritance fund was handled by our correspondence office, after extensive close door meeting with Board of Directors and other Stakeholders in the Government, Subcommittees of the Federal Republic of Benin. It has been resolved and agreed upon that your Inheritance Fund would be released to you on a special method of payment, which is SWIFT ATM CARD. This method of payment is designed by the Government to avert fraud perpetration or stoppage of fund by some Agencies either through Anti-Terrorist Certificate or other certificates and this swift atm card would be issued to you upon meeting the Bank Requirement. Furthermore,this office has been mandated to take charge of the Issuance of the credit card, and your inheritance payment file should be passed to my desk for clarification upon certification that your file is OK. This Office would direct you on how to receive your overdue inheritance fund via SWIFT ATM CARD. The card would be delivered to you via Courier service and in the light of this aforementioned, you are required to furnish this office with the following information if different from the one we already have:

Your Full Name........................................
Address:..............................................
Country of origin......................................
Occupation............................................
Your Next of Kin Name.................................
your date of Birth....................................
Your telephone number.................................
fax...................................................
Office address(if any)................................

This information would be used in opening of an account here and its from the account that the ATM Card would be used in the issuance of swift atm card in your favor with the card number and all your information inserted into the card, Upon completion of this issuance of the ATM Card it will be sent to you via Courier service to your residential address. Kindly furnish this office with your contact information in order to reconfirm if its in line with the one contained in our payment data. Be informed that your fund has been called back and its now in suspended account here UNITED BANK FOR AFRICA (UBA) and a new account will be opened in your name before the Card is issued.

Waiting for an urgent response via our office mail address: officefile19@yahoo.com

Yours Faithfully,
Mr. Jim Eric White
United Nation org. Reps.
West Africa

Ce n'était pas facile, mais j'ai réussi

Bonjour ,

Je suis Prof. Dr. F. Brandt et je viens de trouver la faille dans les systèmes de roulettes sur les casinos en ligne. Il n’a pas été facile, mais j’ai utilisé mes connaissances en informatiques et cryptographiques et j’ai réussi. Il fonctionne à 100% et c'est incroyablement simple.

Jouez maintenant et commencez de gagner!

Si vous avez des questions, n'hésitez pas à me demander.

À bientôt!
Prof. Dr. F. Brandt

Email analysis :

NOTE : Return-Path : < brandtmethode@silver-trace.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Received : from mail4.silver-trace.com
NOTE : (HELO 2091042181064.silver-trace.com) (209.104.218.106)

Link analysis :

CLICK : Jouez maintenant et commencez de gagner!

OPEN : http://silver-trace.com/link.php
PARAM : ?M=55865709
PARAM : &N=78152
PARAM : &K=501bed76e96969e2e28f00282516c799
PARAM : &L=105444
PARAM : &W=34216
PARAM : &F=H

REDIRECT : http://www.brandtmethod.com/FR/
PARAM : ?tid=465450983d25880

silver-trace.com whois :

Domain Name: SILVER-TRACE.COM
Registry Domain ID: 1870222565_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.instra.net
Registrar URL: http://www.instra.com/
Updated Date: 2014-08-14T17:56:22Z
Creation Date: 2014-08-08T12:59:11Z
Registrar Registration Expiration Date: 2015-08-08T12:59:11Z
Registrar: Instra Corporation Pty Ltd.
Registrar IANA ID: 1376
Registrar Abuse Contact Email: legal@instra.com
Registrar Abuse Contact Phone: +61.397831800
Reseller: Instra Corporation Pty Ltd http://www.instra.com/
Domain Status: ok - http://www.icann.org/epp#OK
Registrant Name: Barbara Carmack
Registrant Street: 3355 West 80th Street
Registrant City: Hialeah
Registrant State/Province: Florida
Registrant Postal Code: 33018 Registrant Country: US
Registrant Phone: +1.3058270049
Registrant Email: barbara_carmack@yahoo.com

brandtmethod.com whois :

Domain Name: BRANDTMETHOD.COM
Registry Domain ID: 1876157951_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.instra.net
Registrar URL: http://www.instra.com/ Updated Date: 2014-10-09T18:44:10Z
Creation Date: 2014-09-17T14:09:35Z
Registrar Registration Expiration Date: 2015-09-17T14:09:35Z
Registrar: Instra Corporation Pty Ltd.
Registrar IANA ID: 1376
Registrar Abuse Contact Email: legal@instra.com
Registrar Abuse Contact Phone: +61.397831800/
Registrant Name: C/O Private Ranger Limited
Registrant Organization: Registrant of brandtmethod.com
Registrant Street: Level 31 Vero Centre, 48 Shortland Street
Registrant City: Auckland Registrant State/Province: Auckland District
Registrant Postal Code: 1010 Registrant Country: NZ
Registrant Phone: +64.98011234
Registrant Email: 6852201@privateranger.com

CHINA SHIPPING

Dear friend,

Nice day!

This is Kevin,we are a professional international freight forwarder in Shenzhen China. As an importer if you have any cargos from China(Shenzhen/Guangzhou/Shanghai/Ningbo/Qingdao...), we hope we can serve you with shipping by sea or air. As your territory is contained in our advantage shipping line.

Here are our core business:

- FCL/LCL sea freight
- Air freight
- customs clearance
- collect goods from different suppliers
- bonded warehouse
- Related paper work
- insurance agent business

If you have any inquiries, we surely offer our competitive rates and professional service to you! Hope we can start our cooperation in near future!

Best Regards
KEVIN

*******************************************************
CHINA PLUS LOGISTICS LTD
Room 906,North Block,International Commercial Building,
Renmin Nan Road,Luohu District,Shenzhen,China
TEL:86-0755-82196550 MOB:86-13533252054
FAX:86-0755-82209825
QQ:32841398
SKYPE:ehaifeng99
Website:www.plus-cargo.com