Thursday, June 16, 2016

Automated Tax Refund Notification

If you can't see this message, view it in your browser.

HM Revenue & Customs
After the last calculations of your fiscal activity , we determined that you are aligible to receive a tax refund of
380.01 £.

To access your tax refund, please follow this link

NOTE: A refund can be delayed a variety of reasons , for exemple submitting invalid records or applying after deadline.
Revenue and Tax Administrator

HM Revenue & Customs Tax Credit Office
PO Box 1970
L75 1WX.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

Email screenshot :


Email analysis :

NOTE : support@gov.uk
NOTE : Received : from User ([173.12.155.133]) by win11.nswebhost.com

Phishing analysis :

CLICK : this link
OPEN : http://educacaoadistancia.blog.br/wp-admin/hmrc/
RESULT : Phishing was unresponsive
No comments:
Labels : ,

Tuesday, June 14, 2016

Automated Tax Refund Notification (HMRC Phishing)

If you can't see this message, view it in your browser.

HM Revenue & Customs

After the last calculations of your fiscal activity , we determined that you are aligible to receive a tax refund of 380.01 £.

To access your tax refund, please follow this link

NOTE: A refund can be delayed a variety of reasons , for exemple submitting invalid records or applying after deadline. Revenue and Tax Administrator

HM Revenue & Customs Tax Credit Office
PO Box 1970
L75 1WX.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

Email screenshot :


Email analysis :

NOTE : bruce.stewart.agent@gov.uk
NOTE : X-Barracuda-Url : http://10.10.100.232:8000/cgi-mod/mark.cgi
NOTE : X-Barracuda-Connect : 173-12-155-133-northgulf.hfc.comcastbusiness.net
NOTE : [173.12.155.133]
NOTE : mailhost.towne.com
NOTE : X-Barracuda-Auth-User : besadmin
NOTE : X-Barracuda-Apparent-Source-Ip : 173.12.155.133


NOTE : client-ip=12.200.104.232;


Phishing anaylsis :

CLICK : this link
OPEN : http://educacaoadistancia.blog.br/wp-includes/hmrc/
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/?*
SCREENSHOT :


CLICK : Let Start
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/indentify.php?ip=*
SCREENSHOT :


FILL : FORM
CLICK : Next
SCREENSHOT :


NOTE : LOADING A FAKE REFUND...
CLICK : Start Refund
SCREENSHOT :


SELECT : A bank...
CLICK : Next
SCREENSHOT :


FILL : FORM
CLICK : Continue
SCREENSHOT :


CLICK : Confirm Tax Refund
SCREENSHOT :


REDIRECT : https://www.gov.uk/government/organisations/hm-revenue-customs
No comments:
Labels : , , , ,

Sunday, October 11, 2015

PRIVATE..

HM Revenue & Customs (HMRC)
09/10/2015

ATTN:

Further to our investigations on the recent cyber crimes in the United Kingdom.We are aware that you were a victim of such fraudulent activities between 2010-2015 involving a fraudulent online bank.Her Majesty Revenue and Customs (HMRC)department of the United Kingdom have made necessary arrangement for each victim of such cyber crime to be duly compensated.Please kindly get back to the Ian Watson via the email below for further information (ianwatson105@gmail.com).

--
Esta mensagem foi verificada pelo sistema de antivĂ­rus e
acredita-se estar livre de perigo.

Email analysis :

NOTE : valdenir@cdlsaoluis.com.br
NOTE : ianwatson105@gmail.com
NOTE : 200.241.93.2 (slzcdl1cpd-103.cdlsaoluis.com.br)
No comments:
Labels : , , ,

Thursday, June 18, 2015

PRIVATE...

HM Revenue & Customs (HMRC)
15/06/2015

ATTN:

Further to our investigations on the recent cyber crimes in the United Kingdom.We are aware that you were a victim of such fraudulent activities between 2010-2015 involving a fraudulent online bank.Her Majesty Revenue and Customs (HMRC)department of the United Kingdom have made necessary arrangement for each victim of such cyber crime to be duly compensated.Please kindly get back to the Ian Watson via the email below for further information (ianwatson101@gmail.com).

Email analysis :

NOTE : PRIVATE...
NOTE : ianwatson101@gmail.com
NOTE : info@hmrc.gov.uk
NOTE : Received : from [10.89.184.86]
NOTE : (unknown [41.190.2.226]) by pluton.uto.edu.bo (Postfix)
NOTE : Received : from pluton.uto.edu.bo (190.129.1.187)
No comments:
Labels : , ,

Thursday, May 21, 2015

Invoices

Please review the attached invoices and pay them at your earliest convenience. Feel free to contact us if you have any questions.

Thank you.

Email analysis :

NOTE : application@hmrc.gov.uk
NOTE : soundesti7@compufort.com
NOTE : Received : from [110.120.202.131]
NOTE : (port=19367 helo=[192.168.4.77])
NOTE : by 69.3.15.254

Virus analysis :

AVG FakeAlert
AVware Win32.Malware!Drop
Ad-Aware Trojan.GenericKD.2427700
Avast Win32:Trojan-gen
Avira TR/Crypt.Xpack.230760
Baidu-International Trojan.Win32.BitWall.ia
BitDefender Trojan.GenericKD.2427700
Cyren W32/Trojan.RXVE-1253
DrWeb Trojan.Click3.12191
ESET-NOD32 Win32/TrojanDownloader.Agent.BEL
Emsisoft Trojan.GenericKD.2427700 (B)
F-Prot W32/Trojan3.PUX
F-Secure Trojan.GenericKD.2427700
GData Trojan.GenericKD.2427700
Ikarus Trojan.Crypt
K7AntiVirus Trojan ( 7000000c1 )
K7GW Trojan ( 700001211 )
Kaspersky Trojan-Spy.Win32.BitWall.ia
Malwarebytes Trojan.Upatre.DG
McAfee Downloader-FAUU!06DC3128D83A
McAfee-GW-Edition New Malware.jj
MicroWorld-eScan Trojan.GenericKD.2427700
Microsoft TrojanDownloader:Win32/Ruckguv.A
Panda Trj/Chgt.O
Qihoo-360 HEUR/QVM19.1.Malware.Gen
Sophos Troj/Invo-Zip
Symantec Infostealer.Limitail
Tencent Win32.Trojan.Fakedoc.Auto
TrendMicro TROJ_DLOADR.DYR
TrendMicro-HouseCall Suspicious_GEN.F47V0520
VIPRE Win32.Malware!Drop
ViRobot Backdoor.Win32.S.Agent.52736.AF[h]
nProtect Trojan.GenericKD.2427700
No comments:
Labels : , , ,

Saturday, May 16, 2015

RE:COMPENSATION.

HM Revenue & Customs (HMRC)
14/05/2015

ATTN:

Further to our investigations on the recent cyber crimes in the United Kingdom.We are aware that you were a victim of such fraudulent activities between 2010-2015 involving a fraudulent online bank.Her Majesty Revenue and Customs (HMRC)department of the United Kingdom have made necessary arrangement for each victim of such cyber crime to be duly compensated.Please kindly get back to the Ian Watson via the email below for further information (ianwatsonn101@gmail.com).

Email analysis :

NOTE : info@hmrc.gov.uk
NOTE : Received : from [10.88.31.137]
NOTE : (unknown [41.190.2.23])
NOTE : by mailbox.skyzf.com.co
No comments:
Labels : , , ,

Monday, May 11, 2015

RE:COMPENSATION.

HM Revenue & Customs (HMRC)
04/05/2015

ATTN:

Further to our investigations on the recent cyber crimes in the United Kingdom.We are aware that you were a victim of such fraudulent activities between 2010-2015 involving a fraudulent online bank.Her Majesty Revenue and Customs (HMRC)department of the United Kingdom have made necessary arrangement for each victim of such cyber crime to be duly compensated.Please kindly get back to the Ian Watson via the email below for further information (ianwatsonn101@gmail.com).

Email analysis :

NOTE : ianwatsonn101@gmail.com
NOTE : info@hmrc.gov.uk
No comments:
Labels : , , ,

Monday, May 4, 2015

RE:ATTENTION.

HM Revenue & Customs (HMRC)
03/05/2015

ATTN:

Further to our investigations on the recent cyber crimes in the United Kingdom.We are aware that you were a victim of such fraudulent activities between 2010-2015 involving a fraudulent online bank.Her Majesty Revenue and Customs (HMRC)department of the United Kingdom have made necessary arrangement for each victim of such cyber crime to be duly compensated.Please kindly get back to the Ian Watson via the email below for further information (ianwatson101@gmail.com).

ianwatson101@gmail.com
info@hmrc.gov.uk
No comments:
Labels : ,

Monday, March 2, 2015

You need to Know this.

I am Claudia Smith, I work at the funds Remittance Control Unit of Her Majesty's Revenue & Customs (HMRC), my office is responsible for every international transfer from the united kingdom, both incoming and outgoing payments, we control all international Forex payments, we also red flag any suspicious funds (money laundering or terrorist funding), unfortunately the funds transfer you are expecting from one of our local Bank here in the United Kingdom has been Red flagged by us HMRC, this means that you would never receive these funds in your account on its Red Flag status. I am aware that you have paid a lot of money to the bank and government officials for your funds to be released and credited into your account, but still your funds are still pending and more money is still being demanded from you, If I am right you are currently expected to pay thousands again for your funds to be released. The honest truth is that on the current Red status of your transfer, we have frozen the funds and no amount you
Please note that I am informing you about this situation unofficially so I expect you to be grateful and keep this information a secret between you and me, not a word of what I have told you to anyone, especially the bank officials and your business partner, what I have done now is a bridge of code of conduct of HMRC. I am going to help you get your funds released to you, but I need you to trust me like you have never trusted anyone before. Meanwhile, before we proceed I need to know from you if you accept my help, if you confirm to me that you require my help, in my next email I would tell you why your transfer was Red flagged and what needed to be done.

The reason why I was compelled to inform you about this situation was because I can’t watch you spend your money without getting results, I wait to hear from you soonest.

Yours,
Claudia Smith.
No comments:
Labels : , ,
Subscribe to: Posts (Atom)
Copyright © Scam.cz | Created by Rbcafe