Tuesday, January 27, 2015

Mr. X

Federal Bureau of Investigation (FBI)
Anti-Terrorist And Monitory Crime Division.
Federal Bureau Of Investigation.
J.Edgar.Hoover Building Washington Dc
Customers Service Hours / Monday To Saturday
Office Hours Monday To Saturday:

Dear Beneficiary,

Series of meetings have been held over the past 7 months with the secretary general of the United Nations Organization. This ended 3days ago. It is obvious that you have not received your fund which is to the tune of usd$11.Million due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund. The National Central Bureau of Interpol enhanced by the United Nations and Federal Bureau of Investigation have successfully passed a mandate to the current president of Togo His Excellency Faure Gnassingbé to boost the exercise of clearing all foreign debts owed to you and other individuals and organizations who have been found not to have receive their Contract Sum, Lottery/Gambling, Inheritance and the likes. Now how would you like to receive your payment? because we have two method of payment which is by Cashier Check or by Visa ATM Card? VISA ATM CARD: We will be issuing you a custom pin based ATM card which you will use to withdraw up to $10,000 per day from any ATM machine that has the Master Card Logo on it and the card have to be renewed in 4 years time which is 2018. Also with the ATM card you will be able to transfer your funds to your local bank account. The ATM card comes with a handbook or manual to enlighten you about how to use it. Even if you do not have a bank account. Check: To be deposited in your bank for it to be cleared within three working days.

Your payment would be sent to you via any of your preferred option and would be mailed to you via DHL. Because we have signed a contract with DHL International Limited which should expire by the end of this month. To effect the release of your fund valued at usd$11.Million you are advised to contact our correspondent in Africa the delivery officer Mr. William Mike with the information below,

Email: william_mike49@outlook.com

You are advised to contact him with the information's as stated below:

Your full Name........
Your Address:..............
Home/Cell Phone:..............
Preferred Payment Method ( VISA ATM CARD/Cashier Check )

Yours sincerely,
Miss Donna Story
FEDERAL BUREAU OF INVESTIGATION
UNITED STATES DEPARTMENT OF JUSTICE
WASHINGTON, D.C. 20535

Note: Do disregard any email you get from any impostors or offices claiming to be in possession of your ATM CARD, you are hereby advice only to be in contact with Mr. William Mike of the ATM CARD CENTER who is the rightful person to deal with in regards to your ATM CARD PAYMENT and forward any emails you get from impostors to this office so we could act upon and commence investigation.

DHL CONFIRMATION (DHL Phishing)

Dear Customer,

Your parcel has arrived at the post office on 15TH January, 2015. Our courier was unable to deliver the parcel to you due to incorrect delivery details. To receive your parcel, please check the receipt below carefully and forward to nearest DHL office.

CLICK TO VIEW

Please do not respond to this message. This email was sent from an unattended mailbox. This report was generated at approximately 5:00 PM CST on 21/01/2015

Phishing Analysis :

CLICK : CLICK TO VIEW
OPEN : http://softheart-001-site1.mywindowshosting.com/dhl.htm
SCREENSHOT :


VALIDATE : FORM
REDIRECT : http://www.dhl.com/en/express/tracking.html

Email analysis :

NOTE : shihabimuzna@gmail.com
NOTE : sailor02@naver.com
NOTE : 59.2.229.3
NOTE : Received : from cmailsend01.nm.naver.com
NOTE : (cmailsend01.nm.naver.com. [125.209.208.210])

Thursday, January 22, 2015

Rép : Investment Proposal!!

Hello Dear

I crave your indulgence for the unsolicited nature of this letter, but it was borne out of desperation and current development. Please bear with me. I am Barrister Herbert Smith a solicitor at law, I have a client that wish to invest her financial estate in your Country.

This requires a private arrangement though details of the transaction will be furnish to you once you indicate positive interest in this proposal.

We have all the legal documents to back up this transaction, besides we have worked out the best possible means to ensure smooth and risk free transfer. We are willing to offer you 15% of the total fund and additional 10% from return on investment (ROI), the fund in question is quite large. All correspondences will be via email for now. I await your prompt reply, if you are willing to partner us on this project, do send your response to my private email address

Please note that this is not scam, but legitimate business offer.

Thanks,

Yours Faithfully,

Herbert Smith Esq

Email analysis :

NOTE : herbertsmith@zing.vn
NOTE : herbertsmith.careyolsenlawfirm@gmail.com
NOTE : REMOTE : 94.70.229.61 (mail.kaldi.gr)
NOTE : Received : from [10.187.252.230] ([41.203.64.132])
NOTE : by kaldi.gr with Microsoft SMTPSVC

Answer to : "Please note that this is not scam, but legitimate business offer"

Recipe for a good scam :

- Two fake emails.
- One hacked email server. (mail.kaldi.gr)
- One IP from Nigeria. (41.203.64.132)
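
The three ingredients above can be pulled out of the message headers automatically. The following is an added example, not part of the original post: it runs over a constructed message whose header values mirror the NOTE lines of this email. Which address was From and which was Reply-To is an assumption, and the recipient address and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address

# Constructed sample: values mirror the NOTE lines above. Which address was
# From and which was Reply-To is an assumption; the recipient is a placeholder.
RAW = """\
Received: from [10.187.252.230] ([41.203.64.132]) by kaldi.gr with Microsoft SMTPSVC
From: Herbert Smith <herbertsmith@zing.vn>
Reply-To: herbertsmith.careyolsenlawfirm@gmail.com
To: recipient@example.org
Subject: Investment Proposal!!

(body omitted)
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+([\w.-]+)")

def domain(header_value):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def analyse_headers(raw):
    msg = message_from_string(raw)
    from_dom, reply_dom = domain(msg["From"]), domain(msg["Reply-To"])
    # Each server prepends its own Received line, so the last one in the
    # message is the hop closest to the sender. Hops below the first server
    # you trust are sender-controlled and can be forged.
    hops = msg.get_all("Received", [])
    first_hop = hops[-1] if hops else ""
    public, internal = [], []
    for text in IP_RE.findall(first_hop):
        try:
            ip = ip_address(text)
        except ValueError:          # malformed literal such as [999.1.1.1]
            continue
        (internal if ip.is_private else public).append(str(ip))
    relay = BY_RE.search(first_hop)
    return {
        "reply_to_differs": bool(reply_dom) and reply_dom != from_dom,
        "from_domain": from_dom,
        "reply_to_domain": reply_dom,
        "first_relay": relay.group(1) if relay else None,
        "origin_ip": public[0] if public else None,
        "internal_ips": internal,
    }

if __name__ == "__main__":
    print(analyse_headers(RAW))
```

The public origin address is the value to look up for geolocation and reputation; the private 10.x address only identifies the sender's internal network.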

PROPOSITION:..!

Mr. LEGAIL MARIE
Pretoria South Africa.

Greeting!!!

I am Mr. Legail Marie, The Bill and Exchange Manager of one Leading BANK in SOUTH AFRICA and I am contacting you on a business transfer of a huge sum of money from a Supposed deceased account. Though I know that a transaction of this magnitude will make any one apprehensive and worried, but I am assuring you that all will be well at the end of the day. I decided to contact you due to the urgency of this transaction.

PROPOSITION:

I discovered an abandoned sum of US$11,500,000.00 (Eleven Million Five hundred thousand United States dollars) in an account that belongs to one of our foreign customers who died along with his entire family with a Malaysian Airline Flight MH370, just recently Since his death, none of his next of kin or relations has come forward to lay claims for this money as the heir. We cannot release the fund from his account unless someone applies for claim as the next of kin to the deceased as indicated in our banking guidelines. Upon this discovery, I now seek your permission to have you stand as a next of kin to the deceased as all documentations will be carefully worked out by me for the funds of (US$11,500,000.00) to be released in your favor as the beneficiary's next of kin. It may interest you to know that I have secured from the probate an order of mandamus to locate any of deceased beneficiaries.

Please acknowledge receipt of this message in acceptance of our mutual business endeavor by furnishing me with the following:

1. Your full name and address:
2. Direct Telephone and fax numbers:

These requirements will enable me file letter of claim to the appropriate departments for necessary approvals in your favor before the transfer can be made. I shall be compensating you with three million five hundred thousand dollars on final conclusion of this project, while the rest shall be for my investment purposes in your country that you will propose to me. If this proposal is acceptable by you, I am waiting your positive respond with your full name and cell phone numbers so I can call you and explain more to you about the transfer modalities and procedures.

Please reply as soon as possible.

Best Regards,
Mr. Legail Marie.
Bill and Exchange Manager.

Email analysis :

NOTE : mr.legailmarie@virgilio.it
NOTE : wmichaelhimboah@webtgttt5.biz

Incoming Fax Report

************************************
INCOMING FAX REPORT
************************************

Date/Time: Tuesday, 21.01.2015
Speed: 123bps
Connection time: 01:06
Page: 3
Resolution: Normal
Remote ID: 871-748-171158
Line number: 9
DTMF/DID:
Description: Internal only

************************************

FAX-id9123912481712931.zip

Email analysis :

NOTE : no-reply@premium-fax.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < respellsrcwe1918@regalix.com >
NOTE : Remote : 82.130.246.56 (56.82-130-246.static.clientes.euskaltel.es)
NOTE : Incoming Fax Report

FAX-id9123912481712931.zip analysis :

AVG Generic36.ARVN 20150122
AVware Trojan.Win32.Generic!BT 20150122
Ad-Aware Trojan.GenericKD.2099790 20150122
Avast Win32:Trojan-gen 20150122
Avira TR/Crowti.A.152 20150122
BitDefender Trojan.GenericKD.2099790 20150122
CMC Trojan.Win32.Krap.2!O 20150120
Cyren W32/Trojan.SNJZ-4571 20150122
DrWeb Trojan.Encoder.514 20150122
ESET-NOD32 Win32/Filecoder.CO 20150122
Emsisoft Trojan.GenericKD.2099790 (B) 20150122
F-Prot W32/Trojan3.NGI 20150122
F-Secure Trojan.GenericKD.2099790 20150122
GData Trojan.GenericKD.2099790 20150122
Ikarus Trojan-Spy.Agent 20150122
K7AntiVirus Trojan ( 7000000c1 ) 20150122
K7GW Trojan ( 7000000c1 ) 20150122
Kaspersky Trojan-Ransom.Win32.Blocker.gkdv 20150122
McAfee Artemis!20834704BF1B 20150122
MicroWorld-eScan Trojan.GenericKD.2099790 20150122
Microsoft Ransom:Win32/Crowti.A 20150122
Qihoo-360 Win32/Trojan.Multi.daf 20150122
Sophos Mal/DrodZp-A 20150122
Symantec Trojan.Cryptolocker.F 20150122
Tencent Win32.Trojan.Inject.Auto 20150122
TrendMicro TROJ_FILECODER.K 20150122
TrendMicro-HouseCall Suspicious_GEN.F47V0121 20150122
VIPRE Trojan.Win32.Generic!BT 20150122
nProtect Trojan.GenericKD.2099790 20150122

Please help me urgently

Hi Dear,

I'm a lonely girl

The conflict in Ukraine occurred because of internal political developments.I am sitting on old wooden table in a cafe destroyed with bombardment,drinking from a little pot of tea, looking at my computer,and wondering whether you will decide to rescue me leave Ukraine.

I have now been here stranded for few weeks.I get little to eat and drink.I have seen some of my closest friends die in front of my eyes. My parents and only brother were killed in one day bombardment of the city hall.

This is a war crime who get to talk and who get to hear.Piles of bodies lie next to me at all times, wounded, dead, or even men and women whose minds have been destroyed by all that's going on around them.There are no words I could use to explain this disaster.Bombs are thrown around at every moment.I never know if one will hit me next.I fear I wont live to see tomorrow.Please pray for my life and well being.I’m not OK right now and I don’t know how long I can stay alive because of the amount of bombs they blown up over here.I can hardly sleep.It is so brutal down here Ukraine.

The scariest thing is when you get to know someone and then they just get killed right in front of you,that is very real and bloody. My parents and only brother become history.I can't believe I am here and I wake up every morning wondering if I will wake up tomorrow. Pray that the war is over soon so that I find way to the other part of Europe to claim my late father's money/gold.

I don't know if you can help me with money to try my escape route, if i have some money here, the red cross would help during seize fire windows which happens some days.if you can reply urgently i will be glad and explain to you how to get the money/gold to act as my investor when money/gold is retrieved from that holding company.

Please help me urgently.

Yours sincerely,

Ms. Alina Sushko

Email analysis :

NOTE : alinasushko@meta.ua
NOTE : w.u912@yahoo.pt