Verizon Phishing


IMPORTANT ACCOUNT NOTE FROM VERIZON WIRELESS.
Your acknowledgment message is issued.

Your account No. ending in 4133

Dear Client

For your accommodation, your confirmation letter can be found in the Account Documentation desk of My Verizon. Please browse your informational message for more details relating to your new transaction.

Open Information Message

In addition, in My Verizon you will find links to information about your device & services that may be helpfull if you looking for answers. Thank you for joining us.My Verizon is laso works 24 hours 7 days a week to assist you with:Viewing your utilizationUpgrade your tariffManage Account MembersPay for your billAnd much, much more...

© 2013 Verizon Wireless
Verizon Wireless | One Verizon Way Mail Code: 113WVC | Basking Ridge, MI 87325

We respect your privacy. Please browse our policy for more information

Fetching links :

=======================================================
http://www.samwell.su/upload.htm
=======================================================

Extracting datas :

samwell.su is hosted on 77.221.130.37 by :
=======================================================
aut-num: AS30968
as-name: INFOBOX-AS
descr: Infobox.ru Autonomous System
=======================================================
import: from AS8744 accept ANY
import: from AS9002 accept ANY
import: from AS20764 accept ANY
import: from AS43690 accept AS-SPBROUTESERVER
=======================================================
export: to AS8744 announce AS-INFOBOX
export: to AS9002 announce AS-INFOBOX
export: to AS20764 announce AS-INFOBOX
export: to AS43690 announce AS-INFOBOX
=======================================================
admin-c: DUMY-RIPE
tech-c: DUMY-RIPE
mnt-by: RIPE-NCC-END-MNT
mnt-routes: INFOBOX-MNT
mnt-by: INFOBOX-MNT
=======================================================
changed: hostmaster(at)ripe.net 20040129
changed: rustam(at)infobox.ru 20041019
changed: rustam(at)infobox.ru 20050628
changed: rustam(at)infobox.ru 20060321
changed: rustam(at)infobox.ru 20090520
changed: rustam(at)infobox.ru 20100604
=======================================================
source: RIPE
=======================================================
remarks: ****************************
remarks: * THIS OBJECT IS MODIFIED
remarks: * Please note that all data that is generally regarded as personal
remarks: * data has been removed from this object.
remarks: * To view the original object, please query the RIPE Database at:
remarks: * http://www.ripe.net/whois
remarks: ****************************
=======================================================
samwell.su whois :
=======================================================
domain: SAMWELL.SU
=======================================================
nserver: ns1.infobox.org.
nserver: ns2.infobox.org.
nserver: ns3.infobox.org.
nserver: ns4.infobox.org.
=======================================================
state: REGISTERED, DELEGATED
person: Private Person
e-mail: marikler@list.ru
registrar: R01-REG-FID
created: 2009.11.06
paid-till: 2013.11.06
free-date: 2013.12.09
source: TCI
=======================================================

Social engineering is a long path...

Twitter Phishing from China 2

This morning, I received a message on Twitter :

Did you see this pic of you? lol bit.ly/V66IFi ... :rajesh

Fetching links :

=======================================================
bit.ly/V66IFi >>>> http://t.co/fO2zHet
http://t.co/fO2zHet >>>> http://itwtier.com/16/verify/?&account_secure_login
=======================================================

Extracting datas :

itwtier.com is hosted on 220.164.140.246 by :
=======================================================
aut-num: AS4134
as-name: CHINA-TELECOM
descr: China Telecom
=======================================================
import: from AS6993 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS14923 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS3561 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS1239 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS2914 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS5727 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS6453 action pref=10; accept ANY NOT {0.0.0.0/0}
import: from AS701 action pref=10; accept ANY NOT {0.0.0.0/0}
=======================================================
export: to AS6993 announce AS-CN
export: to AS14923 announce AS-CN
export: to AS3561 announce AS-CN
export: to AS1239 announce AS-CN
export: to AS2914 announce AS-CN
export: to AS5727 announce AS-CN
export: to AS6453 announce AS-CN
export: to AS701 announce AS-CN
=======================================================
admin-c: ZX2-SAVVIS
tech-c: WW7-SAVVIS
notify: staff(at)ns.bta.net.cn
mnt-by: MAINT-AS4134
changed: wwei(at)cndata.com 20001219
source: SAVVIS
=======================================================
aut-num: AS4134
as-name: CHINANET-BACKBONE
descr: No.31,Jin-rong Street
descr: Beijing
descr: 100032
country: CN
remarks: for backbone of chinanet
admin-c: CH93-AP
tech-c: CH93-AP
mnt-by: MAINT-CHINANET
mnt-routes: MAINT-CHINANET
=======================================================
changed: shenjun(at)cndata.com 20030113
changed: hm-changed(at)apnic.net 20041221
changed: hm-changed(at)apnic.net 20060601
=======================================================
source: APNIC
=======================================================
itwtier.com whois :
=======================================================
Domain Name.......... itwtier.com
=======================================================
Creation Date........ 2013-01-08 20:58:44
Registration Date.... 2013-01-08 20:58:44
Expiry Date.......... 2014-01-08 20:58:44
=======================================================
Organisation Name.... fang yun
Organisation Address. Shang hai City
Organisation Address. Shang Hai
Organisation Address. 200000
Organisation Address. SH
Organisation Address. CN
=======================================================
Admin Name........... fang yun
Admin Address........ Shang hai City
Admin Address........ Shang Hai
Admin Address........ 200000
Admin Address........ SH
Admin Address........ CN
Admin Email.......... liangyan997@hotmail.com
Admin Phone.......... +86.2187751100
Admin Fax............ +86.2187751100
=======================================================
Tech Name............ tao li
Tech Address......... Zhengzhou
Tech Address......... Zhengzhou
Tech Address......... 450008
Tech Address......... HA
Tech Address......... CN
Tech Email........... ym@enkj.com
Tech Phone........... +86.37160135955
Tech Fax............. +86.37160123888
=======================================================
Bill Name............ tao li
Bill Address......... Zhengzhou
Bill Address......... Zhengzhou
Bill Address......... 450008
Bill Address......... HA
Bill Address......... CN
Bill Email........... ym@enkj.com
Bill Phone........... +86.37160135955
Bill Fax............. +86.37160123888
=======================================================
Name Server.......... ns13.dns.com.cn
Name Server.......... ns14.dns.com.cn
=======================================================

Social engineering is a long path...

Ifinancials

Do you need a loan or funding for any reason, if yes Get back to us for more information.We offer loan at low interest rate of 3% and with no credit check. Email: eurobankloan.savings@gmail.com Telephone: +447031958949

Online Advertiser,
Charles Nill

*************** REGULACION DE USO DEL CORREO ELECTRONICO DE LA *************
************************** VICEPRESIDENCIA DE LA REPUBLICA **********************

La informacion contenida en este correo electronico tiene caracter privado y confidencial y esta dirigido exclusivamente a su(s) destinatario(s), no podra ser objeto de reproduccion total o parcial, ni transmision de ninguna forma o por cualquier medio, ya sea electronico, mecanico, digital, registro o cualquier otro, no podra ser distribuido sin el permiso previo y escrito de personas debidamente autorizadas, bajo ningun concepto. Si usted ha recibido este mensaje por error, debe evitar realizar cualquier accion descrita anteriormente, asimismo le agradecemos comunicarlo al remitente y borrar el mensaje y cualquier documento adjunto.

========================================================
Email : jimrobertson43@yahoo.ca
IP : 41.203.67.130
Corrupted server : correo.vicepresidencia.gob.ve
Mailer : Horde
========================================================

FROM Miss Ann William

FROM Miss Ann William

In a brief introduction, I am Ann William (21 years) the only surviving child of late Dr. Anthony William. I am in possesion of some documents covering the deposit of US$7.3 Million (seven million three hundred thousand dollars) which my late father deposited in one bank in ABIDJAN Capital city of COTE D'IVORE. I have verified the transaction with the bank here and it's authencity is clear. This fund is of no criminal origin as it was realised from sales of the alluvial gold dust. I am soliciting for your kind assistance in retrieving and claiming this fund from the bank here as my father's business associate and have it transferred to your account in your country for investment. You will also serve as the guardian to this fund as i'm not at all knowledgeable in the international business world. I will give you further details as soon as I hear from you, and we will discuss terms and percentage subsequently but you must treat highly confidentail. I await for your response.

Best wishes
Ms. Ann William.

========================================================
Email : annwilliam@kimo.com
IP : 41.207.15.142
Reverse IP : adsl-41.207.15.142.aviso.ci
Mailer : YahooMailClassic/15.1.2 YahooMailWebService/0.8.130.494
========================================================

Very Urgent............. (FRANCK JOHNSTON)

Attn: Beneficiary ,

We wish to inform you that the diplomatic agent conveying the consignment box valued the sum of $4.8 Million United States Dollars misplaced your address and he is currently stranded at your International airport now. We required you reconfirm the following information below so that he can deliver your consignment box to you today.

NAME: ========
ADDRESS: ======
MOBILE NO.:=========
NAME OF YOUR NEAREST AIRPORT:======
A COPY OF YOUR IDENTIFICATION :=====.

Please do contact the diplomatic agent with the email below with the information required.

Contact Person : Dr. Mark Morgan
MAIL: ( dip.markmorgan@e-mail.ua ) He is waiting to hear from you today with the information.

NOTE : The Diplomatic agent does not know that the content of the consignment box is $4.8 Millions United States Dollars and on no circumstances should you let him know the content. The consignments was moved from here as family treasures, so never allow him to open the box.

Thanks.
MR.FRANCK JOHNSTON.

Good news from Western Union Money Transfer*

Western Union Money Transfer®
Rue 1171 Isiokwe Road, Lagos, Republic of Nigeria.
Office#: +234-817-960-9254

Attention: Beneficiary!

According to the instruction passed to Every Western Union Department from the office of Nigeria financial intelligent Unit (NFIU), A total sum of USD$2, 000, 000. 00 Two million united state dollars has been issued out to all the affected victims each; and has been in distribution to all the bearers. Your name was among those scammed as listed by the West Africa financial intelligent unit (NFIU) A re-compensation has been issued out in certified bank drafts and also in ATM card, kindly reply to their E-mail address below for further explanation and also for security reason:( britishhighcommission2012@e-mail.ua) Your urgent call is awaited for further direction on how you will receive your found……. +234-817-960-9254

We Congratulate you in Advance.

Mr. Godson Freeman
Western Union Customer Care