Tuesday, January 27, 2015

Barclays - Important Update, read carefully! (Barclays Phishing)

Dear Customer,

Protecting the privacy of your online banking access and personal information are our primary concern. During the last complains because of online fraud we were forced to upgrade our security measures. We believe that Invention of security measures is the best way to beat online fraud. Barclays Bank have employed some industrial leading models to start performing an extra security check with Your Online Banking Activities to ensure a safe and secure Online and Mobile Banking. For security reasons we downloaded the Update Form to security Barclays webserver.

You are requested to follow the provided steps and Update Your Online Banking details, for the safety of Your Accounts.

- Please download and complete the form with the requested details:

http://valeriacordero.com/BARCLAYS_ONLINE~UPDATE/last.security.html

- Fill in all required fields with your accurately details (otherwise will lead to service suspension)

Warning: If you choose to ignore our request, you leave us no choice but to temporary hold on your funds. Thank you for your patience as we work together to protect your account. Please update your records on or before 48 hours, a failure to update your records will result in a temporary hold on your funds.

Sincerely,

Barclays Online Bank Customer Service

We apologize for any inconvenience this may have caused.
(c) Copyright 2015 Barclays Bank Plc. All rights reserved.

Phishing analysis :

OPEN : http://valeriacordero.com/BARCLAYS_ONLINE~UPDATE/last.security.html

Email analysis :

NOTE : User-Agent : Roundcube Webmail/1.1.1
NOTE : Return-Path :
NOTE : X-Remote : 109.192.69.236
NOTE : (hsi-kbw-109-192-069-236.hsi6.kabel-badenwuerttemberg.de)
NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/plain; charset=US-ASCII; format=flowed
NOTE : Received : from hsi-kbw-109-192-069-236.hsi6.kabel-badenwuerttemberg.de
NOTE : (HELO barclays.com) (109.192.69.236)
NOTE : Barclays - Important Update, read carefully!

109.192.69.236 analysis :

netname: KABELBW-08
descr: Kabel Baden-Wuerttemburg GmbH & Co. KG
country: DE
admin-c: KIPE-RIPE
tech-c: KIPE-RIPE
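
The header values noted above can be checked mechanically. This is an added example, not part of the original analysis: it parses a Received line of the shape shown in the notes and flags a HELO name that does not match the reverse-DNS name, plus an rDNS name that encodes the IP address (typical of consumer broadband pools). The function names, the finding labels and the two-label domain comparison are assumptions made for illustration.

```python
import re

# Constructed sample, assembled from the Received values noted in the analysis above.
SAMPLE_RECEIVED = (
    "from hsi-kbw-109-192-069-236.hsi6.kabel-badenwuerttemberg.de "
    "(HELO barclays.com) (109.192.69.236)"
)

# Matches the "from <rdns> (HELO <name>) (<ip>)" shape seen in the notes.
RECEIVED_RE = re.compile(
    r"from\s+(?P<rdns>\S+)\s+\(HELO\s+(?P<helo>[^)\s]+)\)\s+\((?P<ip>[0-9a-fA-F.:]+)\)"
)

def base_domain(host, labels=2):
    """Naive registrable domain: the last two labels (assumption: no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-labels:])

def ip_embedded_in_name(ip, host):
    """True when the rDNS name contains the four IPv4 octets in order."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() for o in octets):
        return False
    want = [int(o) for o in octets]
    numbers = [int(n) for n in re.findall(r"\d+", host)]  # "069" compares equal to 69
    return any(numbers[i:i + 4] == want for i in range(len(numbers) - 3))

def analyse_received(header, claimed_brand_domain):
    """Return parsed fields and a list of findings, or None if the line does not match."""
    m = RECEIVED_RE.search(header)
    if not m:
        return None
    rdns, helo, ip = m.group("rdns"), m.group("helo"), m.group("ip")
    findings = []
    if base_domain(helo) != base_domain(rdns):
        findings.append("helo_rdns_mismatch")
        # The client announced the brand's own domain from a host outside it.
        if base_domain(helo) == base_domain(claimed_brand_domain):
            findings.append("brand_helo_from_unrelated_host")
    if ip_embedded_in_name(ip, rdns):
        findings.append("ip_encoded_in_rdns")
    return {"rdns": rdns, "helo": helo, "ip": ip, "findings": findings}

if __name__ == "__main__":
    print(analyse_received(SAMPLE_RECEIVED, "barclays.com"))
```

The HELO string is chosen by the sending client, so a mismatch on its own is only a scoring signal; the connecting IP and its reverse DNS are recorded by the receiving server and are the more reliable fields.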

Mr. X

Federal Bureau of Investigation (FBI)
Anti-Terrorist And Monitory Crime Division.
Federal Bureau Of Investigation.
J.Edgar.Hoover Building Washington Dc
Customers Service Hours / Monday To Saturday
Office Hours Monday To Saturday:

Dear Beneficiary,

Series of meetings have been held over the past 7 months with the secretary general of the United Nations Organization. This ended 3days ago. It is obvious that you have not received your fund which is to the tune of usd$11.Million due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund. The National Central Bureau of Interpol enhanced by the United Nations and Federal Bureau of Investigation have successfully passed a mandate to the current president of Togo His Excellency Faure Gnassingbé to boost the exercise of clearing all foreign debts owed to you and other individuals and organizations who have been found not to have receive their Contract Sum, Lottery/Gambling, Inheritance and the likes. Now how would you like to receive your payment? because we have two method of payment which is by Cashier Check or by Visa ATM Card? VISA ATM CARD: We will be issuing you a custom pin based ATM card which you will use to withdraw up to $10,000 per day from any ATM machine that has the Master Card Logo on it and the card have to be renewed in 4 years time which is 2018. Also with the ATM card you will be able to transfer your funds to your local bank account. The ATM card comes with a handbook or manual to enlighten you about how to use it. Even if you do not have a bank account. Check: To be deposited in your bank for it to be cleared within three working days.

Your payment would be sent to you via any of your preferred option and would be mailed to you via DHL. Because we have signed a contract with DHL International Limited which should expire by the end of this month. To effect the release of your fund valued at usd$11.Million you are advised to contact our correspondent in Africa the delivery officer Mr. William Mike with the information below,

Email: william_mike49@outlook.com

You are advised to contact him with the information's as stated below:

Your full Name........
Your Address:..............
Home/Cell Phone:..............
Preferred Payment Method ( VISA ATM CARD/Cashier Check )

Yours sincerely,
Miss Donna Story
FEDERAL BUREAU OF INVESTIGATION
UNITED STATES DEPARTMENT OF JUSTICE
WASHINGTON, D.C. 20535

Note: Do disregard any email you get from any impostors or offices claiming to be in possession of your ATM CARD, you are hereby advice only to be in contact with Mr. William Mike of the ATM CARD CENTER who is the rightful person to deal with in regards to your ATM CARD PAYMENT and forward any emails you get from impostors to this office so we could act upon and commence investigation.

DHL CONFIRMATION (DHL Phishing)

Dear Customer,

Your parcel has arrived at the post office on 15TH January, 2015. Our courier was unable to deliver the parcel to you due to incorrect delivery details. To receive your parcel, please check the receipt below carefully and forward to nearest DHL office.

CLICK TO VIEW

Please do not respond to this message. This email was sent from an unattended mailbox. This report was generated at approximately 5:00 PM CST on 21/01/2015

Phishing Analysis :

CLICK : CLICK TO VIEW
OPEN : http://softheart-001-site1.mywindowshosting.com/dhl.htm
VALIDATE : FORM
REDIRECT : http://www.dhl.com/en/express/tracking.html

Email analysis :

NOTE : shihabimuzna@gmail.com
NOTE : sailor02@naver.com
NOTE : 59.2.229.3
NOTE : Received : from cmailsend01.nm.naver.com
NOTE : (cmailsend01.nm.naver.com. [125.209.208.210])

Thursday, January 22, 2015

Re: Investment Proposal!!

Hello Dear

I crave your indulgence for the unsolicited nature of this letter, but it was borne out of desperation and current development. Please bear with me. I am Barrister Herbert Smith a solicitor at law, I have a client that wish to invest her financial estate in your Country.

This requires a private arrangement though details of the transaction will be furnish to you once you indicate positive interest in this proposal.

We have all the legal documents to back up this transaction, besides we have worked out the best possible means to ensure smooth and risk free transfer. We are willing to offer you 15% of the total fund and additional 10% from return on investment (ROI), the fund in question is quite large. All correspondences will be via email for now. I await your prompt reply, if you are willing to partner us on this project, do send your response to my private email address

Please note that this is not scam, but legitimate business offer.

Thanks,

Yours Faithfully,

Herbert Smith Esq

Email analysis :

NOTE : herbertsmith@zing.vn
NOTE : herbertsmith.careyolsenlawfirm@gmail.com
NOTE : REMOTE : 94.70.229.61 (mail.kaldi.gr)
NOTE : Received : from [10.187.252.230] ([41.203.64.132])
NOTE : by kaldi.gr with Microsoft SMTPSVC

Answer to : "Please note that this is not scam, but legitimate business offer"

Recipe for a good scam :

- Two fake emails.
- One hacked email server. (mail.kaldi.gr)
- One IP from Nigeria. (41.203.64.132)

PROPOSITION:..!

Mr. LEGAIL MARIE
Pretoria South Africa.

Greeting!!!

I am Mr. Legail Marie, The Bill and Exchange Manager of one Leading BANK in SOUTH AFRICA and I am contacting you on a business transfer of a huge sum of money from a Supposed deceased account. Though I know that a transaction of this magnitude will make any one apprehensive and worried, but I am assuring you that all will be well at the end of the day. I decided to contact you due to the urgency of this transaction.

PROPOSITION:

I discovered an abandoned sum of US$11,500,000.00 (Eleven Million Five hundred thousand United States dollars) in an account that belongs to one of our foreign customers who died along with his entire family with a Malaysian Airline Flight MH370, just recently Since his death, none of his next of kin or relations has come forward to lay claims for this money as the heir. We cannot release the fund from his account unless someone applies for claim as the next of kin to the deceased as indicated in our banking guidelines. Upon this discovery, I now seek your permission to have you stand as a next of kin to the deceased as all documentations will be carefully worked out by me for the funds of (US$11,500,000.00) to be released in your favor as the beneficiary's next of kin. It may interest you to know that I have secured from the probate an order of mandamus to locate any of deceased beneficiaries.

Please acknowledge receipt of this message in acceptance of our mutual business endeavor by furnishing me with the following:

1. Your full name and address:
2. Direct Telephone and fax numbers:

These requirements will enable me file letter of claim to the appropriate departments for necessary approvals in your favor before the transfer can be made. I shall be compensating you with three million five hundred thousand dollars on final conclusion of this project, while the rest shall be for my investment purposes in your country that you will propose to me. If this proposal is acceptable by you, I am waiting your positive respond with your full name and cell phone numbers so I can call you and explain more to you about the transfer modalities and procedures.

Please reply as soon as possible.

Best Regards,
Mr. Legail Marie.
Bill and Exchange Manager.

Email analysis :

NOTE : mr.legailmarie@virgilio.it
NOTE : wmichaelhimboah@webtgttt5.biz

Incoming Fax Report

************************************
INCOMING FAX REPORT
************************************

Date/Time: Tuesday, 21.01.2015
Speed: 123bps
Connection time: 01:06
Page: 3
Resolution: Normal
Remote ID: 871-748-171158
Line number: 9
DTMF/DID:
Description: Internal only

************************************

FAX-id9123912481712931.zip

Email analysis :

NOTE : no-reply@premium-fax.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < respellsrcwe1918@regalix.com >
NOTE : Remote : 82.130.246.56 (56.82-130-246.static.clientes.euskaltel.es)
NOTE : Incoming Fax Report

FAX-id9123912481712931.zip analysis :

AVG Generic36.ARVN 20150122
AVware Trojan.Win32.Generic!BT 20150122
Ad-Aware Trojan.GenericKD.2099790 20150122
Avast Win32:Trojan-gen 20150122
Avira TR/Crowti.A.152 20150122
BitDefender Trojan.GenericKD.2099790 20150122
CMC Trojan.Win32.Krap.2!O 20150120
Cyren W32/Trojan.SNJZ-4571 20150122
DrWeb Trojan.Encoder.514 20150122
ESET-NOD32 Win32/Filecoder.CO 20150122
Emsisoft Trojan.GenericKD.2099790 (B) 20150122
F-Prot W32/Trojan3.NGI 20150122
F-Secure Trojan.GenericKD.2099790 20150122
GData Trojan.GenericKD.2099790 20150122
Ikarus Trojan-Spy.Agent 20150122
K7AntiVirus Trojan ( 7000000c1 ) 20150122
K7GW Trojan ( 7000000c1 ) 20150122
Kaspersky Trojan-Ransom.Win32.Blocker.gkdv 20150122
McAfee Artemis!20834704BF1B 20150122
MicroWorld-eScan Trojan.GenericKD.2099790 20150122
Microsoft Ransom:Win32/Crowti.A 20150122
Qihoo-360 Win32/Trojan.Multi.daf 20150122
Sophos Mal/DrodZp-A 20150122
Symantec Trojan.Cryptolocker.F 20150122
Tencent Win32.Trojan.Inject.Auto 20150122
TrendMicro TROJ_FILECODER.K 20150122
TrendMicro-HouseCall Suspicious_GEN.F47V0121 20150122
VIPRE Trojan.Win32.Generic!BT 20150122
nProtect Trojan.GenericKD.2099790 20150122