Tuesday, November 28, 2023

OBTENIR DES SUBVENTIONS EUROPÉENNES (Scam)

POURQUOI ET COMMENT OBTENIR DES SUBVENTIONS EUROPÉENNES ?

(RESTE 3 PLACES)

DATE :

JEUDI 25 JANVIER 2024

OBJECTIFS DE LA FORMATION :

Nous sommes un organisme de formations certifié Qualiopi et Datadock. Savoir cibler de manière efficace TOUTES les subventions, les comprendre, et optimiser ses chances de réussite (les subventions sont des aides financières publiques non remboursables destinées aux TPE, PME, grandes entreprises et aux associations).

A QUI S'ADRESSE CETTE FORMATION ?

A tous les porteurs de projets, issus du secteur associatif et du secteur privé (entreprises, commerces de toutes tailles) ainsi qu'aux experts susceptibles de conseiller leurs clients dans la recherche de subventions. La participation ne requiert pas de compétences spécifiques. Aucun pré-requis

FORMATEUR :

Thibault NIVIERE :

- consultant enregistré au Parlement Européen,
- intervenant à l'ENA, à l'Université de Strasbourg et à l'ISEG,
- formateur ISE des élus et de leurs collaborateurs (enregistré auprès du Ministère de l'Intérieur, de l'Outre-mer, des Collectivités Territoriales et de l'Immigration).

Thibault NIVIERE gérant de Nivière Subventions & Consulting (10 Place Vendôme à Paris) est entouré d'une équipe hautement qualifiée attentive à toutes les problématiques financières et ayant une exigence de proximité et de qualité envers ses clients.

TARIF (plus que 3 places) :

600 euros net de TVA au lieu de 1 090 euros
(tarif préférentiel jusqu'au 01/12/2023).

Coût par participant comprenant la formation et les supports pédagogiques.

HORAIRE :

De 9h30 à 12h30 et de 13h30 à 17h30 (7 heures)

AVANTAGES EN CLASSE VIRTUELLE :

- Zéro déplacement & logistique.
- Des supports pédagogiques comme en présentiel.
- Gain de temps pour plus d'interactions et d'échanges.
- Eviter les contaminations liées au coronavirus
- Eligible aux OPCO - ex. OPCA (sous conditions).

DÉROULEMENT DE LA JOURNÉE :

- Savoir cibler les subventions européennes et connaitre tous leurs mécanismes (FSE, FEDER, HORIZON, FEADER etc.),
- Savoir lister les subventions de votre région complémentaires aux subventions européennes,
- Savoir faire financer un projet de coopération entre régions européennes,
- Connaitre les moyens efficaces pour devenir partenaires de projets européens subventionnés,
- Intégrer les attentes de l'Europe y compris officieuses,
- Connaître les projets finançables par les subventions locales, régionales, nationales et européennes,
- Intégrer les attentes des institutions y compris officieuses,
- Construire un projet dans le cadre des subventions européennes et optimiser votre candidature,
- Construire un projet local, national et européen et optimiser votre candidature,
- Réussir le montage budgétaire d'une demande de subvention pour optimiser le montant de la subvention,
- Savoir gérer un projet financé par la Commission Européenne,
- Connaître les contrôles européens existants,
- Savoir faire le suivi des subventions attribuées,
- Cas pratiques sur les subventions européennes (montage de projets et de budgets ...),
- Cas pratiques sur l'analyse de subventions européennes et projets.

MOYENS PEDAGOGIQUES :

- Projection d'un power point
- Etudes de cas pratiques

PRE INSCRIPTION & INFORMATIONS :

Thibault NIVIERE
Cliquer ici (contact@lesaidesfinancieres.fr) pour nous écrire ou au 06 13 16 40 08
Nivière Subventions & Consulting
10 place Vendôme 75001 Paris

Cliquer ici pour visiter notre site internet

N'HESITEZ PAS A TRANSFERER CE MAIL A TOUTES PERSONNES SUSCEPTIBLES D'ETRE INTERESSEES

Email analysis :

NOTE : contact@niviere-subventions.net
NOTE : contact@lesaidesfinancieres.fr
NOTE : client-ip=62.4.26.72;

Friday, September 8, 2023

Phishing Crédit Agricole (Phishing)

Crédit Agricole

Bonjour ,

Vous avez choisi de gérer vos comptes en ligne depuis le site credit-agricole.fr ou l'application Ma banque, mais vous n'avez pas encore activé votre numéro mobile dans votre profil.

ATTENTION : à partir du 10 Septembre 2023, l'accès à votre espace client et l'application mobile Ma Banque nécessiteront un code reçu par sms ou une notification d'authentification forte SécuriPass.

Ainsi, pour continuer à rester connecté sur votre compte , nous vous prions d'activer votre numéro de téléphone en cliquant ici.

Votre numéro de mobile est la première condition essentielle pour rester connecté. Pour toute question, vous pouvez contacter le numéro d'assistance 01 43 63 23 00 (appel local non surtaxé).

Merci de votre confiance,
Crédit Agricole.

©Crédit Agricole 2023
Ces nouvelles mesures renforcent la sécurité des accès en ligne à vos comptes par l'utilisation de l'authentification forte, conformément aux dernières exigences de la seconde directive européenne sur les services de paiements 2e version (dite DSP2) entrées en vigueur le 15/07/2023.


Email analysis :

NOTE : relation.clients@credit-agricole-ca.fr
NOTE : URGENT DSP2: ACTIVEZ VOTRE NUMERO DE TELEPHONE
NOTE : Received : ⁨from managergram.com (45.81.225.192) by email.cloudflare.net (unknown) NOTE : smtp.remote-ip=45.81.225.192⁩
Phishing analysis :

CLICK : "cliquant ici."
OPEN : https://sites.google.com/view/nkjui/accueil

CLICK : "cliquez ici"
OPEN : https://www.google.com/url?q=https%3A%2F%2Furlz.fr%2Fnr4w&sa=D&sntz=1&usg=AOvVaw2vya9EGOMkiYaRWszpmLcC
REDIRECT : Redirection to a corrupted Wordpress website.

Tuesday, August 22, 2023

Don't miss your unsettled payment. Complete your debt payment now. (BTC Scam)

Hi there!

I regret to inform you about some sad news for you.
Approximately a month or two ago I have succeeded to gain a total access to all your devices utilized for browsing internet.
Moving forward, I have started observing your internet activities on continuous basis.

Go ahead and take a look at the sequence of events provided below for your reference:
Initially I bought an exclusive access from hackers to a long list of email accounts (in today's world, that is really a common thing, which can arranged via internet).
Evidently, it wasn't hard for me to proceed with logging in your email account (*@*).

Within the same week, I moved on with installing a Trojan virus in Operating Systems for all devices that you use to login to email.
Frankly speaking, it wasn't a challenging task for me at all (since you were kind enough to click some of the links in your inbox emails before).
Yeah, geniuses are among us.

Because of this Trojan I am able to gain access to entire set of controllers in devices (e.g., your video camera, keyboard, microphone and others).
As result, I effortlessly downloaded all data, as well as photos, web browsing history and other types of data to my servers.
Moreover, I have access to all social networks accounts that you regularly use, including emails, including chat history, messengers, contacts list etc.
My unique virus is incessantly refreshing its signatures (due to control by a driver), and hence remains undetected by any type of antiviruses.

Hence, I guess by now you can already see the reason why I always remained undetected until this very letter...

During the process of compilation of all the materials associated with you,
I also noticed that you are a huge supporter and regular user of websites hosting nasty adult content.
Turns out to be, you really love visiting porn websites, as well as watching exciting videos and enduring unforgettable pleasures.
As a matter of fact, I was not able to withstand the temptation, but to record certain nasty solo action with you in main role,
and later produced a few videos exposing your masturbation and cumming scenes.

If until now you don't believe me, all I need is one-two mouse clicks to make all those videos with everyone you know,
including your friends, colleagues, relatives and others.
Moreover, I am able to upload all that video content online for everyone to see.
I sincerely think, you certainly would not wish such incidents to take place, in view of the lustful things demonstrated in your commonly watched videos,
(you absolutely know what I mean by that) it will cause a huge adversity for you.

There is still a solution to this matter, and here is what you need to do:
You make a transaction of $1490 USD to my account (an equivalent in bitcoins, which recorded depending on the exchange rate at the date of funds transfer),
hence upon receiving the transfer, I will immediately get rid of all those lustful videos without delay.
After that we can make it look like there was nothing happening beforehand.
Additionally, I can confirm that all the Trojan software is going to be disabled and erased from all devices that you use. You have nothing to worry about,
because I keep my word at all times.

That is indeed a beneficial bargain that comes with a relatively reduced price,
taking into consideration that your profile and traffic were under close monitoring during a long time frame.
If you are still unclear regarding how to buy and perform transactions with bitcoins - everything is available online.

Below is my bitcoin wallet for your further reference:1HTxR4q4vxQKxtCXB95tdSC5xtsa2uPcMP

All you have is 48 hours and the countdown begins once this email is opened (in other words 2 days).

The following list includes things you should remember and avoid doing:
There's no point to try replying my email (since this email and return address were created inside your inbox).
There's no point in calling police or any other types of security services either. Furthermore, don't you dare sharing this info with any of your friends.
If I discover that (taking into consideration my skills, it will be really simple, because I control all your systems and continuously monitor them) -
your nasty clip will be shared with public straight away.
There's no point in looking for me too - it won't result in any success. Transactions with cryptocurrency are completely anonymous and untraceable.
There's no point in reinstalling your OS on devices or trying to throw them away. That won't solve the issue,
since all clips with you as main character are already uploaded on remote servers.

Things that may be concerning you:
That funds transfer won't be delivered to me.
Breathe out, I can track down everything right away, so once funds transfer is finished,
I will know for sure, since I interminably track down all activities done by you (my Trojan virus controls all processes remotely, just as TeamViewer).
That your videos will be distributed, even though you have completed money transfer to my wallet.
Trust me, it is worthless for me to still bother you after money transfer is successful. Moreover, if that was ever part of my plan, I would do make it happen way earlier!

We are going to approach and deal with it in a clear manner!

In conclusion, I'd like to recommend one more thing... after this you need to make certain you don't get involved in similar kind of unpleasant events anymore!
My recommendation - ensure all your passwords are replaced with new ones on a regular basis.

Scam analysis :

NOTE : Spoofing
NOTE : Received : ⁨from 58-27-133-42.wateen.net (unknown [58.27.133.42])
NOTE : BTC / 1HTxR4q4vxQKxtCXB95tdSC5xtsa2uPcMP
NOTE : BTC SCAM.

United Bank For Africa -dO--A-M

UNITED BANK FOR AFRICA - AFRICA'S GLOBAL BANK
HEAD OFFICE ADDRESS UBA HOUSE
57 MARINA P.O. BOX 2406 LAGOS NIGERIA

My Name is Kennedy Uzoka the director cash processing unit, united bank for Africa [UBA}.

The international monetary fund (I.M.F.) in conjunction with Organization of African Unity (O.A.U) has directed us to pay you One million five hundred thousand united state dollars ($1.500, 000.00/-USD) in cash through means of diplomatic courier service hand delivery.

Take note: Three thousand united state dollars ($3,000.00/- USD) have been mapped out for all expenses in taxes and other documents that matters.

Therefore, do forward your home address and direct phone number to me for quick delivery because time is not in our side.

Please reply/direct your email to this
Email: kenuzokaunitedbankforafrica@gmail.com

Regards,

Kennedy Uzoka
Director cash processing unit
united bank for Africa. (U.B.A).
Email : kenuzokaunitedbankforafrica@gmail.com

Email analysis :

NOTE : kenuzokaunitedbankforafrica@gmail.com
NOTE : doris@mail.la-espero.cn
NOTE : Received : ⁨from mail.la-espero.cn (mail.la-espero.cn [123.57.30.161])
NOTE : Received : ⁨from 147.78.103.233 (HELO USER);

Tuesday, July 20, 2021

Votre certificat SSL a expiré (Phishing OVH)

S​​AS O​​V​​H - https://ww​​w.ov​​h.co​​m
2 r​​ue ‫Ke​​lle​​rman
BP 80157
591​​00 Ro​​ubaix

Le 18.07.2021 05:16

Madame, Monsieur,

A notre connaissance, nous n'avons toujours pas reçu le p​​​​​​​​​​​​​​aiem​​​​​​​​​​​​​​ent
d'un montant de 12,68€ pour votre r​​​en​​​​​​​​​​​​​​​ouv​​​​​ellem​​​ent du certificat SSL .

Nous attirons votre attention sur le fait que, si votre r​​​en​​​​​​​​​​​​​​​ouv​​​​​ellem​​​ent n'est pas réglée sous 2 jours,
Votre site web sera s​​​usp​​​endu
jusqu'a la reception de votre r​​​en​​​​​​​​​​​​​​​ouv​​​​​ellem​​​ent.

Vous pouvez procéder directement au r​​​en​​​​​​​​​​​​​​​ouv​​​​​ellem​​​ent par c​​​ar​​​te ban​​​caire à l'adresse suivante:

https://ww​​w.ov​​h.co​​m/fr/c​​gi-b​​in/order/r​​ene​​w.cgi?id=31IDL16nKT31sdOd89tjJtPBhu31HUYUhuhuyUIUt
(Cliquez directement sur le lien ou faites un copier/coller
directement dans votre navigateur Internet)

Cordialement,

L'équipe OVHcloud

[ref=1.31M16s3ih]

Email analysis :

NOTE : postmaster@fr.ovhservices.net
NOTE : client@mail.ovh
NOTE : Received : ⁨from bsmtp4.bon.at (bsmtp4.bon.at [195.3.86.186])
NOTE : Received : ⁨from bsmtp3.bon.at (unknown [192.168.182.108])

Phishing analysis :

SCREENSHOT :
CLICK : https://ww​​w.ov​​h.co​​m/fr/c​​gi-b​​in/order/r​​ene​​w.cgi?id=31IDL16nKT31sdOd89tjJtPBhu31HUYUhuhuyUIUt
OPEN : http://ar4.fre-pic.net/05:16/18.07.2021/?CVGYHJ90SW=78WSHKKL09
REDIRECT : PHISHING CLOSED.
REDIRECT : https://href.li/?https://www.ivrose.com
REDIRECT : https://www.ivrose.com

Tuesday, July 13, 2021

Arnaque Sinexa

Mal au dos ?
Vous travaillez des heures au bureau ?
Des solutions existent !

> DÉCOUVRIR MAINTENANT

Les douleurs dorsales et lombaires, les sciatiques, peuvent être extrêmement gênantes au travail. Ce sur-siège lombaire s’adapte à n’importe quel siège, en voiture, au travail ou à la maison.

Ces deux supports (assise et dossier) peuvent vous suivre partout grâce à leur facilité de transport.

SATISFACTION
GARANTIE
EXPEDITION DE
FRANCE
TELEPHONE POUR NOUS JOINDRE
LIVRAISON
GRATUITE
SATISFAIT OU REMOURSÉ

Email analysis :

NOTE : PrevDos@dsd.coceare.icu
NOTE : http://dsd.coceare.icu/asumxytjghubxxnvkv-72014993-bbnditmk1o-16137-24359-0.php NOTE : https://sinexa.net/product/coussin-lombaire-chaise-de-bureau/

Friday, November 20, 2020

Demande de correspondance (Arnaque)

Bonjour

Je me nomme DUBE Bibiane, je suis Canadienne de nationalité et âgée de 29 ans célibataire sans enfant.Je travail comme délégué médical dans une ONG normée A. C.D.H (ASSISTANCE CANADIENNE POUR LE DÉVELOPPEMENT HUMANITAIRE) au canada . C'est en faisant une petite recherche sur le moteur de recherche Google que je suis tombé sur votre adresse émail et je voudrais profiter pour correspondre avec vous afin d'établir si possible une relation plus affinée à divers niveaux et sans complaisance car une personne de plus comme ami est une bonne chose dans la vie d'un humain, car nul ne sait là ou se trouve son bonheur sauf en cherchant qu'il le trouvera. Alors on dit, pour trouver sans chercher, il faut avoir cherché sans trouver. L'amitié double les joies et réduit à moitié les peines alors je serai ravi de te lire très prochainement sur mon adresse mail : dube.bibiane@gmail.com

============================
Mlle DUBE Bibiane
- Administratrice Hospitalière
- Délégué médical
mail privé : dube.bibiane@gmail.com
-----------------------------------

Email analysis :
NOTE : dube.bibiane@gmail.com
NOTE : mario.passarini@tin.it NOTE : ⁨102.64.168.236

Saturday, April 27, 2019

COLLECTE NATIONALE POUR LA RECONSTRUCTION DE LA CATHÉDRALE NOTRE-DAME DE PARIS (SCAM)

Cher(e)s frères, soeurs et ami(e)s français, d'ici et d'ailleurs,

Face à la tragédie qui touche la Cathédrale Notre-Dame de Paris la Fondation du patrimoine, qui agit depuis 20 ans pour restaurer le patrimoine français, lance une collecte pour financer la restauration de Notre-Dame. Il exhorte le Peuple français et le monde entier à participer à cette action de soutien pour la reconstruction du Symbole d'unité pour tous.
A ceux qui désirent adhérer à cette coopération, rendez-vous sur le site Officiel de la Fondation du Patrimoine ci dessous:

Accédez-ici au site de la Fondation du Patrimoine

Les dons sur le site débutent à partir de 50€, 100€, 200€ et se limitent à 500€. Pour tout autre don au delà de cette limite, il faut contacter la fondation pour un envoi par chèque ou par virement bancaire. C'est grâce à la générosité de nos donateurs que les équipes de La Fondation du patrimoine peuvent continuer leurs actions.
Un grand merci d'avance !

Très sincèrement,
FONDATION DU PATRIMOINE
Organisme privé indépendant à but non lucratif Logo

FONDATION DU PATRIMOINE
153 bis avenue Charles De Gaulle 92200 Neuilly sur Seine
t: 01 70 48 48 00

Banner

Les opinions exprimées dans cet e-mail appartiennent à leur auteur et ne reflètent pas nécessairement les vues et opinions de la société. Nos employés sont tenus de ne faire aucune clause diffamatoire, d'enfreindre ou d'autoriser la violation d'un droit légal. Par conséquent, la société décline toute responsabilité pour de telles déclarations incluses dans des courriels. En cas de dommages ou d'autres responsabilités, les employés sont entièrement responsables du contenu de leurs courriels.

Email Screenshot :


Email analysis :

NOTE : silvia.rivilli@uniud.it
NOTE : spagnul.matteo@spes.uniud.it
NOTE : 52.101.133.13


NOTE : 40.107.13.57


NOTE : https://donfondation-patrimoine-sauvonsnotredame.weebly.com/


NOTE : https://donfondationpatrimoineorg-collecte.weebly.com


NOTE : Links were hosted by Weebly.

Sunday, March 4, 2018

Greeting From FBI Headquarters Washington DC 20535-0001

From FBI Headquarters Washington DC 20535-0001,
935 Pennsylvania Avenue, NW,
Washington, DC 20535-0001
Director: Christopher Wray

Greeting From FBI Headquarters Washington DC 20535-0001

The Federal bureau of investigation FBI Washington DC believe you received the previous message we sent to you, prior to your dealings with the US Custom Authority at (JFK) John F. Kennedy International Airport New York as regards to your over-due contract payment consignment trunk box worth $ 8,000.000.00 (Eight million usdollars
only) which was endorsed in your favor and like we stated earlier, we have dully screened through this project as stipulated on our
protocols of operation and have finally confirmed that your contract payment is 100 % genuine and hitch free from all facet and of which you have the lawful right to claim your fund without any further delay.

This is to let you know that we have just been informed through secrete source that the US Custom Authority at (JFK) John F. Kennedy
International Airport New York are making arrangement to have your contract fund wired into the Bank account of Mrs Jane Frederick, the lady that contacted them, earlier and presented some documentations evidencing your claim purported to have being signed personally by you for the release of your contract fund to her, since you have chose to ignore their messages and refuse to pay the required $ 150 for Custom Clearance Certificate charges as imposed, despite the advise we gave to you.

I want to personally assure you once again that you will have every course to smile and be happy upon conclusion of this project, as we will continue monitoring all your services with them at all level as well as your correspondence until you have received your Metal Trunk Box accordingly.

As a lawful legal owner we are hereby to protect your interest and that is the reason why we are doing all we can to make sure all goes well because this is a huge amount of money which we do not wish for you to lose .

We understand that the imposed fee might be too much for you to pay so to further make things easier for you, we have discussed with the US Custom Authority at (JFK) John F. Kennedy International Airport New York pleaded on your behalf for them to give you the grace of sending half of the charges $ 75 for now after which the Diplomatic Agent delivering your consignment trunk box to you then once you receive your fund you can then pay the balance $ 75. All we want you to do right now is to send the half of the money with the name listed below so we can forward it to Benin Republic Customs authority to help us obtain the Custom Clearance Certificate and the diplomat will make the delivery to your home address tomorrow morning.

SEND VIA WESTERN UNION OR MONEY GRAM

Receiver Name: Daniel Udo
City Location: Cotonou
Country: Benin Republic
Text Question: How Long
Text Answer: 24hours
Amount: $ 75
Sender's Name
MTCN

Contact us right away and let us know when you send half of the charges as we discussed with them to enable them route your fund to you with immediate effect. This is a life time opportunity and we will advise you take advantage of it before it It is too late to do so.

Also we are informed that we came to an agreement with the US Custom Authority at (JFK) John F. Kennedy International Airport New York that you will be sending half of the fee latest before the end of tomorrow. So please we will advise that you send the fee right away because if you fail to do that, then they will have no other choice than to release your fund to Mrs Jane Frederick who is ready to work with them and that am sure will be a very great loss to you as we will not be able to help you then,

Do not forget to giveme your direct mobile line for private communication.
All the messages you have been receiving from those low life fake peoples were from her the same group of fake members only to confuse you. To Visit FBI Headquarters / Tours. Our Headquarters is located between 9th and 10th Streets in northwest Washington, DC The closest Metro subway stops are Federal Triangle on the Orange / Blue lines, Gallery Place / Chinatown and Metro Center on the Red line, and Archives / Navy Memorial on the Yellow and Green lines

Yours in service,
cHRISTOPHER WRAY
FEDERAL BUREAU OF INVESTIGATION
UNITED STATES DEPARTMENT OF JUSTICE
WASHINGTON, DC 20535-0001

Email analysis :

NOTE : fbioffice20151@yahoo.com
NOTE : fbi.@royal.ocn.ne.jp
NOTE : X-Originating-Ip : ⁨[197.234.221.58]

BUSINESS PROPOSAL

Dear Friend

I am Edward Turner a supervisor with a private security company in South Africa , a Former intelligence chief of Late Muammar Ghaddafi Mr.Abdullah Senussi, of Libya. There is absolutely going to be a great doubt and distrust in your heart in respect of this letter coupled with the fact that, so many individuals have taken possession of the internet to facilitate their nefarious deeds, thereby making it extremely difficult for genuine and legitimate business class persons to get attention and recognition. There is no way for me to know whether I will be properly understood, but it is my duty to write and reach out to you as a person based on great fidelity and trust. Your contact is by a courtesy of my good friend who was a member of South African Export Promotion Council (SAEPC) in Johannesburg.

Before the Libyan uprising in 2011 Mr. Abdullah Sennusi deposited the sum of US$40,500,000.00 (Forty Million, Five Hundred Thousand United States Dollars only) with a security company I work for here in South Africa . after his arrest he was convicted and killed according to Libyan law. Since I have been unsuccessful in locating the relatives for over a period of time, I seek your consent to present you as the next of kin to the deceased so that the proceeds of this account valued at US$40,500,000.00 (Forty Million, Five Hundred Thousand United States Dollars only) can be transferred into your designated account. Then I shall proceed down to your country with you to confirm the net amount in your account and to invest my share of the money if you permit me.

I shall re validate and notarize all the necessary legal documents that can be used to back up any claim that the bank may need, this is 100% risk free ,I guarantee you this will be executed under a legitimate arrangement that will protect you from any breach of the law. I need your strong assurance and confidentiality. I will give you 40% while 60% for me. Contact me on the above email and send your mobile telephone number to me in your response.

This link will give you more insight on what went down in Libya during Ghadaffi regime

(http://www.timeslive.co.za/local/2013/06/02/Gaddafi-billions-found-in-SA1?ref=yfp) (http://images.timeslive.co.za/docs/Libyan%20letters.pdf)

if you are interested please reply me on my private email address: (edyturny@gmail.com) you can also send me your mobile phone numbers for easy faster communication.

Yours truly,

Edward Turner

Email analysis :

NOTE : edyturny@gmail.com
NOTE : accounts@456.co.za
NOTE : 154.70.137.21

Friday, March 2, 2018

CONGRATULATIONS!!!

jacob6usa@yahoo.com, jacob_anderson.smithholdings@yahoo.com, jacobacon37@yahoo.com, jacobdeff01@gmail.com, jacobloren1@gmail.com, jacobperez1964@gmail.com, jacobquence@gmail.com, jacoterie@voila.fr, jad@niepodam.pl, jade_price@aol.co.uk, jadekmacmillan@hotmail.com, jadenbarnes91catcher@mail.com, jadenwang4889@gmail.com, jaderamsey@gmx.com, jadoremoncochon@gmail.com, jaesonprescott@gmail.com, jafar@almascoltd.com, jagfiskarnagan@outlook.com, jagray@oaeusa.com, jahnsanjahn@gmail.com, jahovasin@gmail.com, jajabinks909@gmail.com, jake.iannuuzzi@gmail.com, jake.malcolm@rocketmail.com, jake73579@gmail.com, jake@gmail.com, jake_sims@outlook.com, jakefromstatefarm2@gmx.com, jakehanson1744@gmail.com, jakephils1@gmail.com, jakescott1987js@gmail.com, jakesmithcars@gmail.com, jakethedildo@gmail.com, jakeyhooky@gmail.com, jakobpedersen159@mail.com, jakupi305@gmail.com, jalopypup@hotmail.com, jam.cuncair@gmail.com, jamaal.grinder@gmail.com, jamalomar694@yahoo.com, jameel@syed.jameel-ahmed.ml, jameelapar@gmail.com, jamerno12@gmail.com, jamerskingers@gmail.com, james.cardinal91@gmail.com, james.cardinal@gmail.com, james.croford1@gmail.com, james.d.rockefeller@gmail.com, james.d.trajan@gmail.com, james.darker@gmail.com, james.ferguson1842@gmail.com, james.freestone@hotmail.co.uk, james.hamill.business@gmail.com, james.horner@yandex.com, james.horner@yandex.ru, james.lanes666@gmail.com, james.m.bentley@outlook.com, james.mchullam00@gmail.com, james.retiab@gmail.com, james.sharpey1989@gmail.com, james.smith6542@gmail.com, james.sullivan.sykes@gmail.com, james.underdog.smith@gmail.com, james.vail.mr@gmail.com, james.william.clarkson@gmail.com, james.witherwood@gmail.com, james20012009@gmail.com, jamesaldin45@gmail.com, jamesas@gmail.com, jamesbailey870@gmail.com, jamesbancroft@gmail.com, jamesbill@gmail.com, jamesblakethethird@gmail.com, jamesblond1970@hotmail.com, jamesbond007astonmartini@gmail.com, jamesbond10096@yahoo.com, jamescarstairs1990@gmail.com, jamescass1977@gmail.com, jamesceorockwell@clerk.com, jamescolemandpt1@gmail.com, jamescolumner@gmail.com, jamescpaulson@gmail.com, jamesdetrom@gmail.com, jamesdickinson0007@gmail.com, jamesdickinson007@hotmail.com, jamesdola31@gmail.com, jamesdoodle95@gmail.com, jamesdrull@gmail.com, jamesdunnington5@gmail.com, jamesentwistle52@gmail.com, jamesfentwistle_us1@outlook.com, jamesgoldberg3415@outlook.com, jamesgolding400@yahoo.com, jameshaldane.pch@gmail.com, jameshammond18644@gmail.com, jameshawk@airmail.cc, jameshawthorne73@hotmail.com, jameshay88@gmx.com, jamesheller1985@mail.com

Email analysis :

NOTE : www.@apricot.ocn.ne.jp
NOTE : fedexcompany799@gmail.com
NOTE : X-Originating-Ip : ⁨[41.216.50.156]⁩

Thursday, February 22, 2018

veuillez lire ce mail


Chèr(e) client(e),

Votre conseiller Crédit Mutuel de Bretagne vous a adressé un nouveau mail important,

Pour le consuter veuillez cliquer sur le lien ci-dessous:

Cliquez içi

Cordialement

Phishing screenshot :


Email analysis :

NOTE : oidn@xtra.co.nz
NOTE : X-Mailer : ⁨Open-Xchange Mailer v7.8.3-Rev22⁩
NOTE : X-Sender-Ip : ⁨210.55.143.52⁩


Phishing analysis :

Click : Cliquez içi
OPEN : http://www.childrens-paradise.at/1
REDIRECT : http://www.josefinodenring.com/sd/cmb/*/conixion.html?*
SCREENSHOT :


POST : FORM
REDIRECT : http://www.josefinodenring.com/sd/cmb/*/post.php?hello_marco_sbou
REDIRECT : https://www.cmb.fr/banque/assurance/credit-mutuel/web/j_6/accueil

Tuesday, October 31, 2017

Bonjour ! (Arnaque)

MINISTERE DE LA CITOYENNETE ET DE L'IMMIGRATION
DIRECTION GÉNÉRALE S.N.C-LAVALIN
Siège social de SNC-Lavalin, Boulevard René-Lévesque, à Montréal
Service Renseignement ! Tél : (+1) 815 242 7439 Tour de 22 étages 390,rue Bay, bureau 1600
E-mail: direction.snc.ca@gmail.com

*********************************

Accord de publication N° 001/GC/DRH/GOV- CA-CIC-2017

A votre Attention !!!

Cadres et Jeunes diplômés Bienvenus, Dans le souci de lutter contre le voyage clandestin, la pauvreté, de promouvoir l'emploi et à l'intégration Africaine au processus de la mondialisation, La Compagnie SNC-LAVALIN International en collaboration avec le service de Citoyenneté et Immigration au Canada lance une grande session de recrutement en cette d'année 2017.

En effet nous recherchons avant tout des personnes capables sans distinction de sexe qui pourront s'adapter à notre environnement de travail.

CONDITION A REMPLIR POUR TOUTE PERSONNE INTÉRESSÉE

1- Être âgé(e) entre 18 et 65 ans
2- Être titulaire au moins du BEPC BAC ou autres Diplômes Professionnels
3- Savoir parler le français ou l'anglais
4- Avoir de bonnes qualités relationnelles
5- Avoir une bonne moralité

PS: Pour plus d'informations et le retrait du formulaire, veuillez nous

envoyer vos coordonnées

Si vous êtes intéressés veuillez nous envoyer: NOM; PRÉNOMS; AGE; PAYS;NATIONALITÉ; PROFESSION; SEXE; NUMÉRO TÉLÉPHONE; ADRESSE: à l'adresse de la direction par Émail qui est la suivant: direction.snc.
ca@gmail.com puis nous contacter sur (+1) 815 242 7439 pour confirmation de votre inscription et pour plus d'informations sur les conditions à remplir et les pièces à fournir pour votre dossier de candidature.

Le chargé de l'information

Cordialement !!

Email analysis :

NOTE : Received : from (207.198.108.65) by wmlighttin.pc.tim.it;
NOTE : francesco.silvester@tin.it
NOTE : direction.snc.ca@gmail.com
NOTE : X-Originating-Ip : 207.198.108.65

Thursday, August 24, 2017

Your PayPal account has been temporarily Locked! (PayPal Phishing)

paypal

Welcome

Dear *@*,

Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)

Activate

Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.

Yours sincerely,
PayPalYours sincerely,
PayPal

Email analysis :

NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])


Phishing analysis :

CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :


TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :

Wednesday, August 23, 2017

Bonjour (Arnaque financement)

Bonjour,

Par respect, êtes-vous en besoin de financement ? Si oui, je vous expliquerai plus en détails dans mon prochain mail.

A vous lire,

Linette TROST

Email analysis :

NOTE : sperandeosnc@tin.it
NOTE : linette.trost@gmail.com
NOTE : X-Originating-Ip : 41.138.89.213:49283


NOTE : sperandeosnc@tin.it designates 212.216.176.195
NOTE : as permitted sender) client-ip=212.216.176.195;

Saturday, August 19, 2017

Your fund has been discovered (Scam from a zombie server)

Hello,
My name is Frank. I am a top-exec in a global bank here in Asia. I have an offer for you that will greatly benefit us both if we work together. Please, do get in touch with me so I can explain more about the deal.
Cordially,
Frank

Email analysis :

NOTE : p.pproject@outlook.com
NOTE : test@rachatcredits.ovh
NOTE : X-Ovh-Remote : 213.186.33.59 (b9.ovh.net)
NOTE : Mime-Version : 1.0
NOTE : Content-Description : Mail message body
NOTE : client-ip=91.121.204.118;


NOTE : helo=ns336204.ip-91-121-204.eu;
NOTE : Received : from [51.254.235.99] (ip99.ip-51-254-235.eu [51.254.235.99])


NOTE : by ns336204.ip-91-121-204.eu (Postfix)
NOTE : Rép :
NOTE : Scam from a zombie server hosted on OVH.

Wednesday, July 26, 2017

Agence ClientèIe SBE : RappeI (Phishing Bred)

Cher(e) Client(e),

Votre conseiller vous informe que vousiavezireçuiunimessageoimportant

conçernantivotreiE-Code.

tVotre accès en ligne

Cordialement
Votre Banque

ic

Email analysis :NOTE :

NOTE : laempresadelexito.com@emails.afm-telethon.fr
NOTE : laempresadelexito.com
NOTE : X-Php-Originating-Script : 0:tmsir.php
NOTE : Received : by emails.afm-telethon.fr (Postfix, from userid 33)
NOTE : Received : from emails.afm-telethon.fr ([165.227.14.87])
NOTE : emails.afm-telethon.fr@emails.afm-telethon.fr

Phishing screenshot :


Phishing analysis :

CLICK : tVotre accès en ligne
OPEN : http://laempresadelexito.com/BredEcode
REDIRECT : http://www.metaltripshop.com/metaltripshop/app/code/community/Mage/Sales/Model/Convert/Model/brlogin/brlogin/*/
SCREENSHOT :


VALIDATE : FORM
REDIRECT : http://www.metaltripshop.com/metaltripshop/app/code/community/Mage/Sales/Model/Convert/Model/brlogin/brlogin/*/phone.php?tok=*
VALIDATE : FORM
REDIRECT : http://www.metaltripshop.com/metaltripshop/app/code/community/Mage/Sales/Model/Convert/Model/brlogin/brlogin/*/sms.php?tok=*
VALIDATE : FORM
REDIRECT : http://www.metaltripshop.com/metaltripshop/app/code/community/Mage/Sales/Model/Convert/Model/brlogin/brlogin/*/done.php?tok=*
REDIRECT : https://www.bred.fr/index.html

Conclusion :

Victim : BRED
Spoofed service : emails.afm-telethon.fr
Location of the Open redirect : laempresadelexito.com
Location of the Phishing : metaltripshop.com

Tuesday, July 11, 2017

Directeur de l' agence : E-Code (Phishing Bred)

Cher(e) Client(e),

Votreiconseiller vous informe que vousiavezireçuiunimessageoimportant

conçernantivotreiE-Code.

iVotreiaccèsienilignei

Cordialement
Banque BRED

sd

Phishing screenshot :


Phishing analysis :

CLICK : iVotreiaccèsienilignei
OPEN : http://motivacionempresas.com/Bred/Ecode
REDIRECT : http://www.metaltripshop.com/fotos/demo/img/demo/0day/img/0day/login-03f844f750d92844533c7114b77b104/brlogin/brlogin/84e2dceb893464b1f65509eaad9f7bed/
SCREENSHOT :


NOTE : The phishing page requests for a mobile phone.
NOTE : The phishing page requests for a code related to the mobile phone.
SCREENSHOT :


REDIRECT : https://www.bred.fr/index.html

Email analysis :

NOTE : eventosinfantiles.es@stepstone.fr
NOTE : Received : from stepstone.fr (mx28-g26.priv.proxad.net [172.20.243.98])
NOTE : X-Php-Originating-Script : 0:manager.php

Monday, November 28, 2016

Attension

Attension,

This is to brought to your notice that i am the new manager of united bankf for african and here i go through bank draft and i can see that you have not receive your over drawft payment which it has been program for transfer into your norminated bank account. Has i go throught your dafault file,i can see your that your total fund is $6.5milion united sates dollars, Please you are advise to get us the requested information below.

Your Full Name=================
Your Direct Phone No.==========
Your Bank Account No.==========
Swift Code=====================
Occupation==========
Bank Address/Bank Phone No.====

Copy of your identity/driving licence

Once this require information are provided, we shall commence on the next step of your transaction. You are advise to contact us through our bank e-mail (united.bankforafrica@mail.ru )or via phone contact +229-98-328-353

WE REMAIN TO SERVE YOU BETTER IN BANKING SECTOR.

THANKS BEST REGARD

Dr. Philip Ezeson
EXECUTIVE GOVERNOR FUND RECOVERY COMITTEE
E-MAIL: ( united.bankforafrica@mail.ru )
TELL +229 98-328-353
FAX +229 0 01 63 802

Email analysis :

NOTE : united.bankforafrica@mail.ru
NOTE : "WW."@sage.ocn.ne.jp
NOTE : Received : from mzkstore613.ocn.ad.jp
NOTE : (mz-ukg613p.ocn.ad.jp [153.149.211.230])
NOTE : X-Originating-Ip : [62.75.138.143]

Friday, November 25, 2016

Dear in Christ.

Donation From Mrs Jessica Sebastian
BP [38 Rue Des Martyrs Cocody)
Abidjan, Cote d'Ivoire,

Dear in Christ.

I am Mrs Jessica Sebastian an ageing widow suffering from long time illness. I am currently admitted in a private hospital in Abidjan Cote d‘Ivoire,I have some funds I inherited from my late loving husband Mr Raymond Sebastian, the sum of £ 5.200.000 ( Five Million Two Hundred Thousand Euro ) which he deposited in bank here and I need a very honest and God fearing Christian that can use these funds for God's work and 15% out of the total funds will be for your compensation for doing this work of God.I found your email address from the internet and decided to contact you

Please if you would be able to use these funds for the Lord's work kindly reply me.

Send me the following information's as per below.

Your full names........................
Address .......................
Age ...............................
Occupation ....................................
photo................................

Your Sister in the Lord.
Mrs. Jessica Sebastian

Email analysis :

NOTE : sabastian_jessica@yahoo.com
NOTE : jessica.sabastian13@gmail.com
NOTE : X-Rocketymmf : gojo_t
NOTE : X-Mailer : YahooMailWebService/0.8.111_70
NOTE : Received : from [178.162.216.35]