Thursday, October 30, 2014

U.S ARMY IN AFGHANISTAN

Hi My Friend,

I am Col Brian D Kent, Commander of the, 3rd HBCT/ 3ID Sledgehammer Peace keeping Force deployed to Kabul, Afghanistan from Iraq. Can you be trusted? I have some Important items to ship to you, get back to me as per for more information Through my private mail { colbrian_dkent@aol.co.uk } I will explain further when I get a response from you.

Respectfully,
Col Brian D Kent
US 3rd HBCT Corps. Kabul

Email analysis :

NOTE : Content-Type : text/plain; charset="iso-8859-1"
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < info@captain.com >
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : Received : from zcs.gov.mg ([127.0.0.1])
NOTE : Received : from [180.215.247.79] (unknown [180.215.247.79]) by zcs.gov.mg
NOTE : X-Virus-Scanned : amavisd-new at gov.mg
NOTE : client-ip=41.190.238.151;


NOTE : Content-Description : Mail message body
NOTE : U.S ARMY IN AFGHANISTAN

Alert From Alibaba (Alibaba phishing)

Alibaba

Dear Valued User:

Alibaba service verification !

Your Alibaba service account needs an important email verification due to the new upgrade on our system security server. you are therefore required to verify your email account by following the reference below:

Click here now to get your email verified >>

Wishing you the very best of business!
Alibaba.com’s Service Team
This is an automated email. Please do not reply directly.

If you have any questions, please review the privacy protection rules
Hotline: 0571-85027110 E-mail: ali@alibaba-inc.com Service Center

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html
NOTE : Return-Path : < http@neo.backiel.com.pl >
NOTE : Received : from neo.backiel.com.pl (neo.backiel.com.pl. [194.88.154.10])
NOTE : Received : by neo.backiel.com.pl (Postfix, from userid 51)
NOTE : X-Php-Originating-Script : 51:mailer.php
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Alert From Alibaba

Phishing analysis :

CLICK : Click here now to get your email verified >>
OPEN : http://shopzza.com/alibaba/index.html
VALIDATE :


REDIRECT : http://shopzza.com/alibaba/processing.html

shopzza.com whois :

Domain Name: SHOPZZA.COM
Registry Domain ID: 1749924326_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: www.publicdomainregistry.com
Updated Date: 2014-10-06T18:34:16Z
Creation Date: 2012-10-04T19:31:54Z
Registrar Registration Expiration Date: 2015-10-04T19:31:54Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1-2013775952
Domain Status: clientTransferProhibited
Registry Registrant ID: PP-SP-001
Registrant Name: Domain Admin
Registrant Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org
Registrant City: Nobby Beach
Registrant State/Province: Queensland
Registrant Postal Code: QLD 4218
Registrant Country: AU
Registrant Phone: +45.36946676
Registrant Email: contact@privacyprotect.org
Registry Admin ID: PP-SP-001
Name Server: ns1.gvodns.com
Name Server: ns2.gvodns.com
DNSSEC:Unsigned
Registration Service Provided By: HOST-CARE.COM

Contact Michael Tim (Esq)

Irregular check card activity
American Express

Dear Customer,

We detected irregular card activity on your American Express Check Card on 21 October, 2014. As the Primary Contact, you must verify your credit card activity before you can continue using your card, and upon verification, we will remove any restrictions placed on your card. To review your account as soon as possible please click on the link below.

http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html

Thank you for your Card Membership.

-------------
American Express Customer Care
Fraud Department:
Erica Bermudez
Level III Security Officer

Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < ywvh@boston.sisna.com >
NOTE : Received : from host29.181-14-177.telecom.net.ar (181.14.177.29)
NOTE : Irregular card activity

Phishing analysis :

CLICK : http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html
NOTE : page was corrected by admin

ucsdiagnostic.com whois :

Domain Name: UCSDIAGNOSTIC.COM
Registrar URL: http://www.wildwestdomains.com
Registrant Name: Antonio Santoro
Registrant Organization: UCS DIAGNOSTIC S.R.L.
Name Server: NS1.OMNIBUS.NET
Name Server: NS2.OMNIBUS.NET
DNSSEC: unsigned

your payment is available.

Western Union®
Welcome to Western Union
Send Money Worldwide
Our Ref:WUMT0XX2/987
Email; (richardwhite595@gmail.com).
Telephone: +22999867970.

Attention Dear Value Customer,

Welcome to Western Union Money Transfer Agent, We wish to inform you that the IMF have release your fund sum of $2,8 million US dollars issued on your name the money was deposited with us in this Office as MTCN credit card, we shall be sending the money to you everyday $5000.00usd until we complete the total payment. We are very glad to inform you that we have credit your first payment of $5000.00usd, but bare it in mind that the $5000.00usd will not be given to you except you pay for transfer charge which is $68.00, you have to pay the money through our service western union to the information we give you here, then after confirm the payment of $68.00 from you, we shall release your first $5000.00usd to enable you pick it up and get back to us for the second payment,As you can see here is the MTCN Number of your first payment which we credited for you today, track it with our website: www.westernunion.com, to confirm that your payment is available.

1)Senders Name::Godwin Onyia
2)MTCN Number::: 6890479748
3)Amount::: $5000.00 USD.

Track it with our website: www.westernunion.com

Note that on your reply this massage make sure you send the full information to this E-mail here(richardwhite595@gmail.com) Remember that the full details you can use to pick up this first payment will be send to you once we receive the transfer charge of $68.00, You have to treat urgent by reconfirming your full information to us immediately you receive this massage to enable us start the process of your payment immediately.

1.Your Full Name...
2.Your Address...
3.Your Tel Number....
4.Occupation.......
5.Country....
6.City.........
7.Age..........

These are the information about your money you can go to any western union to pick up the money, don't forget that you have to settle for the transfer charge before we can give the full information of your first payment of $5000.oousd we waiting to receive the above information from your so that we can direct you where to send the transfer charge of $68.00 which is only delay now, kindly get back to us with the required information so that we can direct you where to send the fee of $68.00. We looks forward to receive the transfer charge together with your full information, to enable us release this first $5000.00usd for you to pick it up and get back to us for the second payment ok. For more information's Call +229 9986-7970. Get Back ASAP.

Yours in service
MR. richard white.
Tel: +229 99867970..
E-MAIL:(richardwhite595@gmail.com)
Western Union Benin Republic Manager.

ADMIN.IN.TH

Whois Server Version 2.1.2

Domain: ADMIN.IN.TH
Registrar: T.H.NIC Co., Ltd.
Name Server: NS1.ADMIN.IN.TH
Name Server: NS2.ADMIN.IN.TH
Status: ACTIVE
Updated date: 15 May 2014
Created date: 2 Nov 2005
Renew date: 2 Nov 2014
Exp date: 1 Nov 2015
Domain Holder: Suphachai Phirungreng ( คุณศุภชัย ไพรรุ่งเรือง )
846/121 Bongmod Tungkru Bangkok
10140 TH

Tech Contact: 68990
บริษัท แอดมิน ซิสเต็มท์ อินเตอร์เน็ต โซลูชั่น จำกัด
511/15 ถ.ประชาอุทิศ แขวงทุ่งครุ เขตทุ่งครุ กทม.
10140 TH

Wednesday, October 29, 2014

EC21 Membership Update. (EC21 Phishing)

Date: 2014.10.29

Dear Valued User:
EC21.com service verification !

Your EC21.com service account needs an important email verification due to the new upgrade on our system security server. you are therefore required to verify your email account by following the reference below:

Click here now to get your email verified >>

Thank you.
EC21 service team
support@ec21.com

Dynamic Marketplace for Global B2B – EC21
Copyright(c) EC21 Inc. All Rights Reserved.

Phishing analysis :

CLICK : Click here now to get your email verified >>
OPEN : http://sudhasheth.com/EC21.com/index.html
VALIDATE FORM :


REDIRECT : http://supplier.ec21.com/

sudhasheth.com whois :

Domain Name: SUDHASHETH.COM
Registrar URL: http://www.wildwestdomains.com
Registrant Name: sudha sheth
Name Server: NS1.GVODNS.COM
Name Server: NS2.GVODNS.COM
DNSSEC: unsigned
Registry Registrant ID:
Registrant Name: sudha sheth
Registrant Organization:
Registrant Street: 1201,Era 4,MarathonNextgen ganpatrao Kadam marg,
Registrant City: Mumbai
Registrant State/Province: Maharashtra
Registrant Postal Code: 400013
Registrant Country: India
Registrant Phone: +91.9987498648
Registrant Email: shethsudha@hotmail.com

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html
NOTE : Return-Path : < http@neo.backiel.com.pl >
NOTE : Received : from neo.backiel.com.pl (neo.backiel.com.pl. [194.88.154.10])
NOTE : Received : by neo.backiel.com.pl (Postfix, from userid 51)
NOTE : Received-Spf : client-ip=194.88.154.10;
NOTE : X-Php-Originating-Script : 51:mailer.php
NOTE : Content-Transfer-Encoding : 8bit
NOTE : EC21 Membership Update.

Diplomat Louis Thomas

From:Diplomat Louis Thomas
United State, New York.

This is to inform you that your funds of US$7.5 Million has been approved for immediate delivery to you. For the purpose of clarification,you are advised to reconfirm your Full Names,Direct Mobile, Home, Office Telephone Numbers, Your International Passport or Driver's License,Physical Address with Zip Code and your so that there will been no error during the delivery of the funds to you in your country of residence. Your quick response will be highly appreciated.

From:Diplomat Louis Thomas

Reward Notification

Final Notification

We are delighted to announce that your e-mail address has just won you the sum of $2.5 Million in our E-mail free Online draws held in England October 2014. Your e-mail emerge in category A and you are entitled to reward sum of $2.5 with this Free Ticket Numbers:EGN658214. You are advised to immediately send your contact details to Dr.John J. Dignam.on his email address (johnkig2@aol.com) Tel: +447448769707 for immediate transfer of your reward cash prize to you. N.B. Any breach of confidentiality on the part of the Winners will result to disqualification, You are to immediately contact Dr.John J Dignam only with this email (johnkig2@aol.com)

Kind Regards
Dr.John K. Dignam.
Tel: +447448769707
Email: johnkig2@aol.com

Email analysis :

NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < 101@ushk.ru >
NOTE : Return-Path : 101@ushk.ru
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.00.2600.0000
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Mailer : Microsoft Outlook Express 6.00.2600.0000
NOTE : Content-Transfer-Encoding : 7bit
NOTE : X-Clientproxiedby : EX-CA-MB-01.USHK.RU (fc00:1:1:1::15) To EX-CA-MB-01.USHK.RU (fc00:1:1:1::15)
NOTE : Content-Type : text/plain; charset="Windows-1251"
NOTE : Received-Spf : client-ip=195.58.7.97;
NOTE : Received : from mail.ushk.ru (mail.ushk.ru. [195.58.7.97])
NOTE : Received : from User (192.168.0.1) by EX-CA-MB-01.USHK.RU (fc00:1:1:1::15)
NOTE : Final Notification

Rép : FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR

FEDERAL RESERVE BANK,
Intl. Banking Centre
33 Liberty street, New York
NY 10045

To: Sir,

This message is intended for the named recipient only and may contain privileged and confidential information. If you have received this in error, please notify us immediately. Please do not disclose the contents to anyone or copy it to outside parties. Thank you.

RE: FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR

We write to you regarding the difficulties you have been having in receiving your long over dued payment, based on the reports by the FBI, The Government has issued an express order that all beneficiaries such as you be paid immediately, the government will buy back the debt owed to you and recover the funds itself because it will be impossible for you as an individual to receive the payment, Following the directives of the government regarding your over delayed payment, we wish to let you know that we have been having a series of meetings with the Department of Homeland Security,Washington, USA, the United Nations and the World Bank regarding the immediate release your funds to your designated bank account. We wish to explain further that we were authorized to release the funds to your account immediately to avoid all you have been going through in the past, we have verified and approved the funds for immediate remittance to your account, to this end we advise that you send the following information to me via email so we can commence with the transfer immediately.

Your full name:
Your Telephone Number:
Your Home Address.
Your complete banking details
Your Occupation
The expected amount

Once we receive the information we will verify them and then get back to you with the final transfer process. Your urgent response to this message is expected, you are advised to STOP all communications with anyone else regarding this payment, if the government discovers that you are still making contacts with other people we will be forced to cancel this payment permanently and I assure you it will never be paid again. Your urgent response shall expedite the remittance of your funds within the next few banking days.

Kindly contact us via this email add ( info@federalreservebank.tk )

Regards,
MS. CHRISTINE CUMMING
Vice President

Email analysis :

NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < federalreservebank3@yahoo.es >
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V6.00.2600.0000
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : Content-Transfer-Encoding : 7bit
NOTE : X-Mailer : Microsoft Outlook Express 6.00.2600.0000
NOTE : Content-Type : text/html; charset="Windows-1251"
NOTE : Received : from unknown (HELO s18541.pbxtra.fonality.com) (207.8.234.158)
NOTE : Received : from User (pbxtra18541 [127.0.0.1]) by s18541.pbxtra.fonality.com (Postfix)
NOTE : Rép : FINAL NOTICE ON THE TRANSFER OF YOUR FUNDS IN YOUR FAVOR