Thursday, June 16, 2016

You have (1) new message (Blockchain Phishing)

Hello,

You have (1) new messages in your mailbox.

View your mailbox

by clicking the link below:

Your Mailbox

Thank you for your trust.

BNP PARIBAS Messaging Service.

Having technical difficulties or have a comment about the survey? E-mail us

This survey is available for a Iimited time. We apologise if you are unable to participate.

As explained in Apple's privacy policy, we may use your personal information to contact you to participate in market research surveys. Participation in this or any Apple survey is optional. Unsubscribe from surveys here.

Other Apple links:

Get help Update your info Leave product feedback

TM and copyright © 2015 Apple Inc. 1 Infinite Loop, MS 303-4CA, Cupertino, CA 95014.
All Rights Reserved / Privacy Policy

Email analysis :

NOTE : info@asos.fr
NOTE : oyuioi@asos.fr
NOTE : X-Mailer : PHPMailer [version 1.73]
NOTE : Received : from asos.fr ([166.63.123.197])

Phishing analysis :

CLICK : Votre Messagerie ("Your Mailbox")
OPEN : http://vetclinic-24h-mada.com/yguy
RESULT : Phishing was unresponsive...
TRY : http://vetclinic-24h-mada.com/
SCREENSHOT :


RESULT : IS THIS A PHISHING ? YES, THIS IS A BLOCKCHAIN PHISHING !
CLICK : Se Connecter ("Log in")
REDIRECT : https://blockchain.info/

Wednesday, June 15, 2016

DocuSign Document (Dropbox Phishing)

You have a new file shared with you via Dropbox secure file transfer

Click here to view

Dropbox Pro also comes with
powerful sharing and security features:
scan.28373.pdfPièce jointe.png

Sign in to access shared file

If you prefer not to receive Dropbox newsletters, please go here.
Dropbox, Inc., PO Box 77767, San Francisco, CA 94107 © 2016 Dropbox

Email screenshot :


Email analysis :

NOTE : Temitjcob@mrapesinol.com
NOTE : X-Organization : ykyrhqaxljfo129498
NOTE : staymoola09@maymostfavour.com
NOTE : X-Originating-Ip : [75.148.115.97]

Phishing analysis :

CLICK : Click here to view
OPEN : http://bit.do/b69KJ
RESULT : Phishing was removed...

INVESTNENT BUSINES PLANE

G-Ideas
75, Washington Avenue
Victoria Island Lagos

Dear Sir/madam,

G-Ideas is a financial management company managing the wealth of some persons both in government and outside government. A serving minister who is one of my clients wants to invest and buy some properties overseas has asked me to find someone who would help him to buy properties in choice areas either in Europe, America or Asia.

Details of this business will be given to you if you are interested to serve as our oversea agent.

Yours faithfully,
Gilbert Onwubiko
CEO G-Ideas.

Email analysis :

NOTE : brtbed0211@bol.com.br
NOTE : g-ideas@outlook.com
NOTE : Received : from static-190-24-156-78.static.etb.net.co
NOTE : 190.24.156.78

Atm Visa Card ($20Million).

Please contact Mr. George Bush Email: speedtrust21@outlook.com Phone
Number: +229-9836-4438 with your full address.

Email analysis :

NOTE : Atm Visa Card ($20Million).
NOTE : speedtrust21@outlook.com
NOTE : ginmacc@tin.it
NOTE : Received : from (197.234.219.18)


NOTE : by wmlighttin.pc.tim.it;
NOTE : Content-Type : text/plain;charset="UTF-8"

PLEASE PERMIT ME

Mr. Jimmy Chien
Vice President/Branch Manager
Industrial and Commercial Bank of China (USA) NA
South San Francisco Branch
235 Grand Avenue, Suite No. 101
South San Francisco, CA 94080, USA

Greetings,

I am Mr. Jimmy Chien, Vice President /Branch Manager ICBC South San Francisco Branch here in California. I am contacting you base on my facts finding about your reputationand someone I can trust for this purpose. The content of my email is a bit detailed that is why I first seek your permission, to let you know before emailing my proposal so won't trash it when I do. Please grant me your permission to email you my proposal of which I know will be acceptable to you if you are willing to be honest with me.

Waiting for your response.

Mr. Jimmy Chien,
Vice President/Branch Manager
Industrial and Commercial Bank of China (USA) NA
South San Francisco Branch.

Email analysis :

NOTE : cjimmy160@gmail.com
NOTE : 2055@charter.net
NOTE : Received : from User (localhost.localdomain [127.0.0.1])
NOTE : by gain-nc.amdswireless.com
NOTE : 24.216.88.183 ()

Tuesday, June 14, 2016

Automated Tax Refund Notification (HMRC Phishing)

If you can't see this message, view it in your browser.

HM Revenue & Customs

After the last calculations of your fiscal activity , we determined that you are aligible to receive a tax refund of 380.01 £.

To access your tax refund, please follow this link

NOTE: A refund can be delayed a variety of reasons , for exemple submitting invalid records or applying after deadline. Revenue and Tax Administrator

HM Revenue & Customs Tax Credit Office
PO Box 1970
L75 1WX.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.

Email screenshot :


Email analysis :

NOTE : bruce.stewart.agent@gov.uk
NOTE : X-Barracuda-Url : http://10.10.100.232:8000/cgi-mod/mark.cgi
NOTE : X-Barracuda-Connect : 173-12-155-133-northgulf.hfc.comcastbusiness.net
NOTE : [173.12.155.133]
NOTE : mailhost.towne.com
NOTE : X-Barracuda-Auth-User : besadmin
NOTE : X-Barracuda-Apparent-Source-Ip : 173.12.155.133


NOTE : client-ip=12.200.104.232;
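
The header notes above can be checked mechanically. The following is an added example, not part of the original analysis: it compares the From domain with the host recorded in X-Barracuda-Connect. The header values are the ones noted above; the header layout, the `triage` function and its finding codes are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the values come from the NOTE lines above; the exact
# header layout is an assumption made for this example.
RAW_HEADERS = (
    "From: bruce.stewart.agent@gov.uk\n"
    "X-Barracuda-Connect: 173-12-155-133-northgulf.hfc.comcastbusiness.net[173.12.155.133]\n"
    "X-Barracuda-Apparent-Source-Ip: 173.12.155.133\n"
    "X-Barracuda-Auth-User: besadmin\n"
    "\n"
)

CONNECT_RE = re.compile(r"^\s*([^\[\s]+)\s*\[([0-9.]+)\]")


def triage(raw_headers):
    """Return (code, detail) findings about sender/relay consistency."""
    msg = message_from_string(raw_headers)
    findings = []
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    match = CONNECT_RE.match(msg.get("X-Barracuda-Connect", ""))
    if not from_domain or not match:
        return findings  # nothing to compare
    host, ip = match.group(1).lower(), match.group(2)

    # Weak signal on its own (third-party relays are common), but worth noting
    # when a government domain arrives from an ISP customer host.
    if host != from_domain and not host.endswith("." + from_domain):
        findings.append(("relay-domain-mismatch", f"{host} is not under {from_domain}"))

    # Reverse DNS that embeds the IP (dotted or dashed) is typical of generic
    # access-line naming rather than a dedicated mail server.
    if ip in host or ip.replace(".", "-") in host:
        findings.append(("generic-rdns", f"{host} embeds {ip}"))

    # The appliance's own view of the source should agree with the connect IP.
    apparent = msg.get("X-Barracuda-Apparent-Source-Ip", "").strip()
    if apparent and apparent != ip:
        findings.append(("source-ip-disagreement", f"{apparent} != {ip}"))
    return findings


if __name__ == "__main__":
    for code, detail in triage(RAW_HEADERS):
        print(f"{code}: {detail}")
```

These findings are triage hints only; SPF, DKIM and DMARC results remain the authoritative check on whether a host may send for a domain.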


Phishing analysis :

CLICK : this link
OPEN : http://educacaoadistancia.blog.br/wp-includes/hmrc/
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/?*
SCREENSHOT :


CLICK : Let Start
REDIRECT : http://educacaoadistancia.blog.br/wp-includes/hmrc/startapplication/indentify.php?ip=*
SCREENSHOT :


FILL : FORM
CLICK : Next
SCREENSHOT :


NOTE : LOADING A FAKE REFUND...
CLICK : Start Refund
SCREENSHOT :


SELECT : A bank...
CLICK : Next
SCREENSHOT :


FILL : FORM
CLICK : Continue
SCREENSHOT :


CLICK : Confirm Tax Refund
SCREENSHOT :


REDIRECT : https://www.gov.uk/government/organisations/hm-revenue-customs