READ AND REPLY

Good Day,

My Name is Mr Johnston Raymond, am contacting you in regards of Andrei Borodin.

Please Read Link for your perusal...

http://www.bbc.co.uk/news/world-europe-21627481

I will only give further details if you are interested because this transaction is Highly Confidential.

If you are interested, please write back.

Regards,
Mr Johnston Raymond
+229 98776635

Email analysis :

NOTE : Return-Path : < johnstonraymondgeo@hotmail.com >
NOTE : Received : from ataxar.netbeat.de (HELO mailout2.netbeat.de) (46.151.162.29)
NOTE : Received : from www.netbeat.de (devel.netbeat.de [83.243.58.143])
NOTE : by mailout2.netbeat.de

NOTE : Received : from 41.86.235.102 ([41.86.235.102]) by www.netbeat.de

NOTE : (Horde MIME library)
NOTE : Message-Id : < *.*@www.netbeat.de >
NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed"
NOTE : Content-Disposition : inline
NOTE : Content-Transfer-Encoding : 7bit
NOTE : User-Agent : Internet Messaging Program (IMP) H3 (4.1.3)

NOTE : X-Originating-Ip : 41.86.235.102

NOTE : X-Remote-Browser : Mozilla/5.0 (Windows NT 6.1; WOW64)
NOTE : AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
NOTE : X-Complaints-To : abuse@netbeat.de
NOTE : X-Imap-User : gbau@kabiosiara.net
NOTE : X-Imap-Server : mail.netbeat.de
NOTE : READ AND REPLY

CRUDE OIL PARTNERSHIP OPPORTUNITY

Hello,

The Project is about the exportation of 100,000 barrels of Light Crude Oil daily out from Iraq to Turkey through my client's company in Iraq at the rate of $100.00 a barrel. This amount to $10,000,000 daily. I ask for your support as a foreigner to handle this business project with my client, and you are not expected to invest in Iraq, due to the current violent crisis going on in Iraq, If yes? let me know and we will discuss this project further.

Regards,
Kim.
Contact Email : 2818574801@qq.com

Dear Beneficiary

Dear Friend,

There was a meeting held on 4th January 2014 here in Africa with all AFRICA CURRENT AND PAST PRESIDENTS IN CONJUNCTION with IMF OFFICIALS to pay all debts owed to foreign Contractors and Beneficiaries. After the meeting, a committee was inaugurated and called (DEBTS RECONCILATION COMMITTEE) to pay all debts as well as compensation where necessary. To claim your payment or compensation, send your personal information such as your full name, postal address, telephone and fax numbers, age, and occupation

To IMF Accountant; Susan Morgan
E-mail: mrssusanmorgandesk@yahoo.com.hk

Your early reply is an advantage

Yours faithfully,
Susan Morgan

Email analysis :

NOTE : Return-Path : < dodora.iknwa@aol.co.uk>
NOTE : Received : from oms-mc04.r1000.mx.aol.com (64.12.81.69)
NOTE : Received : from omr-m09.mx.aol.com (omr-m09.mx.aol.com [64.12.143.82])
NOTE : Received : from mtaout-mcd02.mx.aol.com (mtaout-mcd02.mx.aol.com [172.26.223.206])
NOTE : Received : from PC-PC (94.196.86.247.threembb.co.uk [94.196.86.247])
NOTE : Content-Type : multipart/alternative; charset="ISO-8859-1";
NOTE : Mime-Version : 1.0
NOTE : Message-Id : < *@smtp.aol.com >
NOTE : X-Aol-Global-Disposition : S
NOTE : X-Spam-Flag : YES
NOTE : X-Aol-Reroute : YES
NOTE : X-Aol-Ip : 94.196.86.247
NOTE : Dear Beneficiary

Alert Transactions Report by users from 2014-09-28 to 2014-09-28

Your requested report is attached here.

< transact_store.zip >

Email analysis :

NOTE : Return-Path :
NOTE : Received : from unknown (HELO pulik.in) (41.216.215.152)

NOTE : Received : from [177.140.36.115] (helo=mgroiipvpbw.iyxefpsmk.ua)

NOTE : X-Mailer : The Bat! (v3.71.14) Professional

NOTE : X-Priority : 3 (Normal)
NOTE : Message-Id : < *.*@nwhxppulruhvq.ecbucf.net >
NOTE : Mime-Version : 1.0
NOTE : Content-Type : multipart/mixed; boundary="----------*"
NOTE : Alert Transactions Report by users from 2014-09-28 to 2014-09-28

Virus analysis :

AVG : MSIL5.RCS
Ad-Aware : Trojan.Agent.BFYC
Avira : TR/Crypt.Xpack.98991
Baidu-International : Trojan.Win32.Wauchos.bAF
BitDefender : Trojan.Agent.BFYC
ESET-NOD32 : Win32/TrojanDownloader.Wauchos.AF
Emsisoft : Trojan.Agent.BFYC (B)
F-Secure : Trojan.Agent.BFYC
Fortinet : W32/Wauchos.AF!tr
GData : Trojan.Agent.BFYC
Ikarus : Win32.Outbreak
Kaspersky : Backdoor.Win32.Androm.fcxu
McAfee : Artemis!182EE0F73CD9
MicroWorld-eScan : Trojan.Agent.BFYC
Qihoo-360 : HEUR/QVM03.0.Malware.Gen
Sophos : Troj/Zbot-JAQ
Symantec : Backdoor.Trojan
Tencent : Win32.Trojan.Inject.Auto
TheHacker : W32/Bagle.gen.pwdzip5
TrendMicro : TROJ_WAUCHOS.WFB

Attention: Sole Beneficiary,

Attention: Sole Beneficiary,

We have finally succeeded in getting your package worth of $3.6million out on delivery to you via consignment with the help of Mr James George Attorney General of Federal High Court of Justice BENIN REPUBLIC which act as your foreign Attorney representative here in BENIN REPUBLIC. So every necessary arrangement has been made successfully with the Agent Owen Samuelson of the Consignment Box and every Documents guiding your delivery is well updated so you are advice to re-confirm your full delivery information to the Agent right now as he is currently at JFK International Airport, New York, (USA) with your Consignment Box, As he called me this morning to inform me that he misplaced your delivery address which he had. So you are advice to reconfirm your full delivery information to the diplomat and E-mail him with this mail address { owensamuelson@outlook.fr } so as to have easy conversation with him and to enable you give him full direction to get your Consignment Box delivered to you and hand you over your Consignment Box safe and sound, Furthermore you are advice to be very fast as the Agent Owen Samuelson has no much time to waste due to his flight ticket, So the Information you are Required to Reconfirm to the Agent is as Follow:

(1)Your Full Name=============
(2)Mobile Phone Number======
(3)Current Home Address========
(4)Fax Number================
(5)Country====================
(6)City======================
(7)Nearest Airport ==============As he is at JFK International Airport, New York, (USA) right now because of the Searching and Scanning of the Consignment which made him to misplace your address.
(8)A Copy of Your I D For Identification.driving license So contact him via his email address,

Contact person:

Name- Agent Mr. Owen Samuelson
E-mail Address ( owensamuelson@outlook.fr)

So contact him to deliver your Consignment box to you today, So get back to us immediately you communicate with the Agent to make sure that your fund has gotten to you without any hitch, Furthermore remember the Agent delivering the Consignment Box does not know that the content of the consignment box is money, Because the Attorney which represented you registered it as a family value to avoid hitch during the delivery so unknown circumstances should you let him know that the content of that consignment box is money to avoid lost of your fund as your Consignment was Sign and Stamp by Federal Ministry of Justice to make sure that it is protected until it gets to you.

Regards,
Rev.Dr. Peter Godwin
Mobile: (+229) 61669757

Email analysis :

NOTE : owensamuelson@outlook.fr
NOTE : Return-Path : < bernard_barrister011@yahoo.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Type : multipart/alternative; boundary="----=_Part_616719_1881113233.1412757824569"
NOTE : Content-Length : 6221
NOTE : X-Remote : 98.139.212.154 (nm3-vm0.bullet.mail.bf1.yahoo.com)
NOTE : Attention: Sole Beneficiary,

Urgent Validate Your Alibaba Membership (Alibaba phishing)

Alibaba

Dear Valued User:

Alibaba service verification !

Your Alibaba service account needs an important email verification due to the new upgrade on our system security server. you are therefore required to verify your email account by following the reference below:

Click here now to get your email verified >>

Wishing you the very best of business!
Alibaba.com’s Service Team
This is an automated email. Please do not reply directly.

If you have any questions, please review the privacy protection rules
Hotline: 0571-85027110 E-mail: ali@alibaba-inc.com Service Center

Email analysis :

NOTE : Received : from pluto.solutiiweb.com (pluto.solutiiweb.com. [91.210.80.80])

NOTE : Received : from apuseni by pluto.solutiiweb.com with local (Exim 4.82)
NOTE : Return-Path : < apuseni@pluto.solutiiweb.com >
NOTE : client-ip=91.210.80.80;

NOTE : X-Php-Script : pensiunea-apuseniwild.ro/banner..php for 41.150.228.229

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Message-Id : < *@pluto.solutiiweb.com >
NOTE : X-Get-Message-Sender-Via : pluto.solutiiweb.com:
NOTE : authenticated_id: apuseni/only user confirmed/virtual account not confirmed
NOTE : X-Source : /usr/bin/php
NOTE : X-Source-Args : /usr/bin/php /home/apuseni/public_html/banner..php
NOTE : X-Source-Dir : pensiunea-apuseniwild.ro:/public_html
NOTE : Urgent Validate Your Alibaba Membership

Phishing analysis :

CLICK : "Click here now to get your email verified >>"
OPEN : http://www.pool-glass-fencing.com.au/alibaba/index.html
RESULT : 404, used to be a phishing page.

pool-glass-fencing.com.au whois :

Domain Name pool-glass-fencing.com.au
Last Modified 13-Feb-2013 12:19:22 UTC
Registrar ID WAR
Registrar Name Web Address Registration
Status ok
Registrant BIERMAN, REYNOLD JAMES
Registrant ID ABN 75792879133
Eligibility Type Sole Trader
Registrant Contact ID R-010196021-SN
Registrant Contact Name Reynold Bierman
Registrant Contact Email reynold.bierman@yahoo.com.au
Tech Contact ID C-000954601-SN
Tech Contact Name Reynold Bierman
Tech Contact Email reynold.bierman@yahoo.com.au
Name Server ns1.qnetau.com
Name Server ns2.qnetau.com
Name Server ns3.qnetau.com