Sunday, June 19, 2016

APPROVED BY UNITED NATIONS.

INTERNATIONAL FUNDS AUDIT UNIT
UNITED NATIONS LIAISON OFFICE NEW-YORK, USA
870 UNITED NATIONS PLAZA 20-A NEW YORK NY 10017
OUR REF: US/NF/UN/XX2016

FUND US1.5MILLION APPROVED BY UNITED NATIONS

Attn Beneficiary,

We write to inform you that Series of meetings have been held over the past 2weeks with the Secretary General of the United Nations Organization, International Community Board and U.S.Department of State and Africa Union Organization this ended last week. During the meeting, this organization discovered that you have not received your funds due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund. The International Community Board Committee enhanced by the United Nations/ U.S.Department of State and Africa Union Organization have successfully passed a payment mandate release order to the Bank to clear all over due Contract funds, Lottery winnings and Inheritance funds owed to you and other individuals and organizations who have been found not to have receive their funds. Note that your payment file submitted to the Bank in question is 1.5Million U.S Dollars. In order to know you are ready to receive your approved fund, you are strictly advice to furnish us with the below information for us to cross check in our payment file if is correct, and after all verification, we will then direct you on how to contact the Bank for your fund payment to you.

1. Your Full Name:
2. Address:
3. Home/Cell Phone:
4. Age and Marital Status:
5. Occupation:
6. Any Identification like Int'l Passport/Driver License:

We expecting your urgent response to this email to enable us monitor this payment effectively.

Yours faithfully

Mrs.Theresa Lewis

Assistance Secretary United Nation

Email analysis :

NOTE : lewistheresa@yandex.com
NOTE : qaz@opgufyigfhypooj.tk
NOTE : X-Originating-Ip : [109.74.203.116]

Vous avez un message (Phishing Crédit Agricole)

Bonjour,

Un nouveau message est disponible sur votre messagerie.

Pour le consulter, Veuiller Cliquez sur le lien ce-dessous:

Cliquez ici

Nous vous remercions de votre confiance.

Ce courriel vous a ete envoye par un systeme automatique d emission de messages.
L adresse d emission n est pas une adresse de courriel classique.
Si vous a cette adresse, votre message ne sera pas pris en compte

Email screenshot :


Email analysis :

NOTE : noreply@nrj.fr
NOTE : X-Dinascanner : Este E-Mail no ha sido analizado.
NOTE : Return-Path : < generalconsultora@vl927.dinaserver.com >
NOTE : X-Dinascanner-From : generalconsultora@vl927.dinaserver.com
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 8bit
NOTE : X-Mailer : PHPMailer [version 1.73]
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : Received : from vl927.dinaserver.com ([82.98.176.158])
NOTE : Received : by vl927.dinaserver.com (Postfix, from userid 1004)
NOTE : Vous avez un message

Phishing analysis :

CLICK : Cliquez ici
OPEN : http://www.conseiller-fr-ca.com/zdh//
REDIRECT : http://id-ca-secure.com/login/*/particulier.html?agricole=_banque-run&secure=*
NOTE : THIS PHISHING IS SIMILAR TO THIS PHISHING.
NOTE : SWITCH TO DOMAINS ANALYSIS.

id-ca-secure.com whois :

Domain Name: ID-CA-SECURE.COM
Registry Domain ID: 2035899334_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.vodien.com
Registrar URL: www.vodien.com
Updated Date: 2016-06-17T04:18:07Z
Creation Date: 2016-06-17T04:18:06Z
Registrar Registration Expiration Date: 2017-06-17T04:18:06Z
Registrar: Vodien Internet Solutions Pte Ltd
Registrar IANA ID: 1912
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registrant Name: Josceline BRIALLON
Registrant Organization: N/A
Registrant Street: 23 rue Jeanne d'Arc
Registrant City: Paris
Registrant State/Province: Paris
Registrant Postal Code: 75001
Registrant Country: FR
Registrant Phone: +33.0152896325
Registrant Email: zszeos@gmail.com
Registry Admin ID:
Admin Name: Josceline BRIALLON
Admin Organization: N/A
Admin Street: 23 rue Jeanne d'Arc
Admin City: Paris
Admin State/Province: Paris
Admin Postal Code: 75001
Admin Country: FR
Admin Phone: +33.0152896325
Admin Email: zszeos@gmail.com
Registry Tech ID:
Tech Name: Josceline BRIALLON
Tech Organization: N/A
Tech Street: 23 rue Jeanne d'Arc
Tech City: Paris
Tech State/Province: Paris
Tech Postal Code: 75001
Tech Country: FR
Tech Phone: +33.0152896325
Tech Email: zszeos@gmail.com
Name Server: ns1.singaporehost.sg
Name Server: ns2.singaporehost.sg
Name Server: ns3.singaporehost.sg
DNSSEC:Unsigned
Registrar Abuse Contact Email: domain@vodien.com
Registrar Abuse Contact Phone: +65.62886264

conseiller-fr-ca.com whois :

Domain Name: CONSEILLER-FR-CA.COM
Registry Domain ID: 2035898903_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.vodien.com
Registrar URL: www.vodien.com
Updated Date: 2016-06-17T04:09:26Z
Creation Date: 2016-06-17T04:09:25Z
Registrar Registration Expiration Date: 2017-06-17T04:09:25Z
Registrar: Vodien Internet Solutions Pte Ltd
Registrar IANA ID: 1912
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Josceline BRIALLON
Registrant Organization: N/A
Registrant Street: 23 rue Jeanne d'Arc
Registrant City: Paris
Registrant State/Province: Paris
Registrant Postal Code: 75001
Registrant Country: FR
Registrant Phone: +33.0152896325
Registrant Email: zszeos@gmail.com
Registry Admin ID:
Admin Name: Josceline BRIALLON
Admin Organization: N/A
Admin Street: 23 rue Jeanne d'Arc
Admin City: Paris
Admin State/Province: Paris
Admin Postal Code: 75001
Admin Country: FR
Admin Phone: +33.0152896325
Admin Email: zszeos@gmail.com
Registry Tech ID:
Tech Name: Josceline BRIALLON
Tech Organization: N/A
Tech Street: 23 rue Jeanne d'Arc
Tech City: Paris
Tech State/Province: Paris
Tech Postal Code: 75001
Tech Country: FR
Tech Phone: +33.0152896325
Tech Email: zszeos@gmail.com
Name Server: ns1.singaporehost.sg
Name Server: ns2.singaporehost.sg
Name Server: ns3.singaporehost.sg
DNSSEC:Unsigned

Disposition á propos de votre CB (Phishing Crédit Agricole)

Bonjour,

Suite á une erreur sur votre dernier achat.

Merci de bien vouloire regler votre dossier.

Veuiller Cliquez sur le lien ce-dessous:

Cliquez ici

Nous vous remercions pour votre confiance.
Cordialement,

Conseil d'administration.

Email screenshot :

Email analysis :

NOTE : aaaaa@leslipfrancais.fr
NOTE : Content-Type : text/html; charset=iso-8859-1
NOTE : Mime-Version : 1.0
NOTE : Return-Path : < www-data@leslipfrancais.fr >
NOTE : Received : from leslipfrancais.fr ([162.243.248.84])


NOTE : Received : by leslipfrancais.fr (Postfix, from userid 33)
NOTE : X-Php-Originating-Script : 0:galiane.php
NOTE : Message-Id : < *.*@leslipfrancais.fr >
NOTE : Disposition á propos de votre CB

Phishing analysis :

CLICK : Cliquez ici
OPEN : http://enter-ac.com/staff.php
NOTE : Phishing was an attempt and account was suspended.

Hello Dearest (Scam)

Hello Dearest

My name is susan, I saw your profile at Facebook and admire it, Please sorry for my embarrassment, I was only interested and wanted to know if we can develop honest relationship. I wish if is the will of God, we can start from here. But For better presentation kindly reach me back (susannabraham@hotmail.com) for more communication, As i did not say much about myself here,

Please reply to my PRIVATE email so that i can send you my photos and my details, I have a reason of contacting you, I have something very important to share with you, Please kindly write me through my email so that i will tell you the reason why i contacted you, here is my email, (susannabraham@hotmail.com) Hoping To Hear From You ,

Yours Susan

Abraham.

Email analysis :

NOTE : susannabraham@hotmail.com
NOTE : Received : from mail.undip.ac.id (localhost [127.0.0.1])
NOTE : by smtp.undip.ac.id (vPostMaster)
NOTE : Received : from smtp.undip.ac.id (rinjani.undip.ac.id. [182.255.0.91])


NOTE : User-Agent : Roundcube Webmail/RCMAIL_VERSION

smtp.undip.ac.id analysis :

OPEN : undip.ac.id
REDIRECT : http://www.undip.ac.id/v2/
SCREENSHOT :


TWITTER : @univ_diponegoro

18-06-2016 -- Mise a jour important (Phishing Crédit Agricole)

La Banque Postale

Votre situation

Bonjour,
Lors de votre dernier achat , vous avez été averti par un message vous informant de l'obligation d'adhérer à la nouvelle réglementation concernant la fiabilité pour les achats par C.B. sur internet et de la mise en place d'un arrêt pour vos futurs achats. Or, nous n'avons pas, ce jour, d'adhésion de votre part et nous sommes au regret de vous informer que vous pouvez plus utiliser votre carte sur internet.
.
Adhésion : Cliquez-ici

Nous vous remercions de la confiance que vous nous témoignez.
Cordialement,

CREDIT AGRICOLE

© CREDIT AGRICOLE 2016

Email screenshot :


Email analysis :

NOTE : creditagricoleinfo@ovh.com
NOTE : Mime-Version : 1.0
NOTE : X-Sid-Pra : creditagricoleinfo@ovh.com
NOTE : Content-Type : text/html; charset=utf-8
NOTE : Received : from lilyoude ([40.115.42.121])


NOTE : by mrelayeu.kundenserver.de
NOTE : 18-06-2016 -- Mise a jour important

Phishing analysis :

CLICK : Cliquez-ici
OPEN : http://www.iab.una.py/images/imagenes/r11/r13.html
REDIRECT : http://important.mise.a.jour.credit.agricole.identification-panel.com/login/*/particulier.html?agricole=_banque-run&secure=*
SCREENSHOT :


CLICK : Confirmer
REDIRECT : http://important.mise.a.jour.credit.agricole.identification-panel.com/login/*/information.php
SCREENSHOT :


CLICK : Valider / Confirmer
REDIRECT : http://important.mise.a.jour.credit.agricole.identification-panel.com/login/*/email.php
SCREENSHOT :


CLICK : Valider / Confirmer
REDIRECT : https://www.credit-agricole.fr/