Kweku Abbey

Hello.

This is coming From Kweku Abbey, the immediate past credit manager of Ecobank Ghana. There is a serious proposal about a bonded Account in Ecobank i would require you give Urgent Attention to. If you are interested to know more about this, please do well to contact me via my Private E-mail address only as shown below.

Note that it will be beneficial to all parties concerned.

Regards,
Kweku Abbey
Email: kwekuabbeykweku2@yahoo.com.hk

Email analysis :

NOTE : ?>< Important/Priority Message NOTE : kwekuabbeykweku2@yahoo.com.hk NOTE : finance@mebel-your-style.ru NOTE : Received : from mebel-your-style.ru (localhost [127.0.0.1]) NOTE : by vv76.ru (8.14.4/8.14.7) NOTE : finance@mebel-your-style.ru designates 185.12.92.215 as permitted sender) NOTE : client-ip=185.12.92.215;

PAYMENT CONFIDENTIAL INFORMATION (STUDY AND REPLY)

FEDERAL TREASURY BOARD
CONTRACT EXAMINATION & PAYMENT UNIT
OFFICE OF THE PRESIDENT
FEDERAL REPUBLIC OF NIGERIA
PRIVATE EMAIL:d_elume@yahoo.com
TEL:2348045155488

Kind Attention

RE :PAYMENT CONFIDENTIAL INFORMATION $32.500.000.00 USD

Your file was forwarded to my desk for payment verification after presidential instructions on onward payment due to all federal government of Nigeria Foreign contractors . Behold that I have carefully gone through your file and honestly saying, this claims is one of the over- invoiced perpetrated by the past top government functionaries and claims of deceased ones with huge deposit with some of the commercial banks in Nigeria
such claims are normally recommend for forfeiture back to federal government treasury. But I must confess to you that the antecedence of your claims are almost perfect, for this I have develop a lot of interest to work with you and have the sum of money in question $32.500.000.00 USD released to you, if you are willing to work and share this amount with me 50-50%, half to you and half to me. I have political ambition in the next electoral dispensation come the year 2019 and with this I am sure of building up a strong political empire . If your name was used without your consent then, let me know so that we can appropriate this.

Pls Advise me a. s. a. p of your true position or give me a call immediately.

Dr N Elume (PhD Econs.MON)

FEDERAL TREASURY BOARD
OFFICE OF THE PRESIDENT

Email analysis :

NOTE : d_elume@yahoo.com
NOTE : admin@creativeonline.co.th
NOTE : Received : from 61-91-14-120.static.asianet.co.th
NOTE : (HELO zpanel.creativeonline.co.th) (61.91.14.120)

NOTE : Received : from APPS.PAWNEEISD.NET (unknown [199.38.190.91])

NOTE : by zpanel.creativeonline.co.th

invoice confirmation (Virus)

Good day,

Please find attached invoice for the past months. Remit the new payment
by 30/05/2016 as outlines under our payment agreement.

Regards

Sino

FILE : invoice0879657_pdf.ace

invoice0879657_pdf.ace is a virus.
SHA256: fe382fb45d36b6e03728384999eb79b38f198168dc6fcc4ddbdabb69439a205a
DrWeb : Trojan.PWS.Stealer.1932
ESET-NOD32 : a variant of MSIL/Injector.OZV
Sophos : Mal/DrodAce-A

Email analysis :

NOTE : bik@isioco.fr
NOTE : User-Agent : Roundcube Webmail/1.1.4
NOTE : Received : from us32L.aryadns.com (us132.aryadns.com. [64.31.31.132])
NOTE : Received : from webmail.isioco.fr (localhost [IPv6:::1])
NOTE : by us32L.aryadns.com (Postfix)
NOTE : client-ip=64.31.31.132;

.YOU

Greetings,

I am Mrs.Katherine Pascal. an aging widow suffering from Cancer illness .I have some funds Which I have inherited from my late husband, the sum of ($10.9 Million Dollars) And I needed a very honest and sincere Individual or co-operate organization that will use the fund for work of humanity,

I found your email address from the Human resources data base and decided to contact you. Please if you would be able to use the funds for the work of humanity as I have stated here in order to fulfill my late husband wishes please, kindly reply me back immediately.

Thanks.
Regards,
Mrs.Katherine Pascal.

Email analysis :

NOTE : mrskatherinepascal1960@gmail.com
NOTE : MRSKATHERINEPASCAL33@ONO.COM
NOTE : Received : from VAIO (197.239.65.4)

NOTE : by smtp3.ono.com (8.6.122.04)
NOTE : (authenticated as MRSKATHERINEPASCAL33@ONO.COM)

PayPal : User Agreement Changed (PayPal Phishing)

logo

Welcome

Some information on your account appears to be missing or incorrect. Please update your information promptly so that you can continue to enjoy all the benefits of your PayPal account. If you don't update your information within 2 days, we'll limit what you can do with your PayPal account.

Resolve the Security Issue.

If you need help logging in, go to our Help Center by clicking the Help link located in the upper right-hand corner of any PayPal page. .

Paypal
orth San Jose. 2211 N 1st St (btwn Charcot & Karina)

Paypal Co.
Phishing analysis :

CLICK : Resolve the Security Issue.
OPEN : http://www.tripidipi.cz/css
REDIRECT : http://www.tripidipi.cz/css/*/login.php?run=_login&session=*&access=*
SCREENSHOT :

VALIDATE : FORM
SCREENSHOT :

REDIRECT : AGAIN
SCREENSHOT :

VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :

VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :

REDIRECT : AGAIN
SCREENSHOT :

REDIRECT : https://secure.opinionlab.com/ccc01/comment_card.asp?time1=1402969318872&time2=1402969372567&prev=&referer=https:%2F%2FUS%2Epaypal%2Ecom%2Fen%5FUS%2F00%2FLog%5FIn%2Epage&height=768&width=1366&custom_var=kx3fhVVgW8gMa0n7M3NIPcBg7XZ2KBu2BcI5nN2fD2%252fd%252ffvYhBp7rQ%253d%253d_146aca2e3e4|Unknown|Log%20In|US|en_US|Unknown|Unknown|Unknown|Unknown

SCREENSHOT :

Email analysis :

NOTE : ersbys1@viagogo.com
NOTE : john2001barton@hotmail.com does not designate 94.126.40.172
NOTE : X-Canit-Geo : ip=94.126.40.140;
NOTE : country=GB;
NOTE : region=England;
NOTE : city=Stevenage;
NOTE : latitude=51.9022; longitude=-0.2026;
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : Received : from smarthost.hostingweb.co.uk (webpool1.lcn.com [94.126.40.140])
NOTE : by outscan2.ai270.net
NOTE : X-Php-Originating-Script : 317960:sm.php

__info__

Bonjour,

Nousdvenonsddeddésactiverdvotredcarteddedcrédit.

Pour le réactiver, vous devez vous connecter sur le site de la Banque Postale et accéder a votre espace sécurisé de Banque en ligne via le lien ci-dessous en saisissant vos identifiant et mot de passe ainsi que votre carte de crédit.

Accédez a vos comptes

Cedmessagedestdgénérédautomatiquement, ne répondezdpasda l' expéditeur.

Si vous n'etes pas destinataire(s) de ce message, merci de le détruire.

Visualiser la version en ligne | Signaler comme courrier indésirable

Combien de temps Sondage du jour
Cher(e) Francoise,

Nous avons le plaisir de vous proposer de gagner
un écran LCD Samsung 101 cm
en répondant au sondage du jour (3 questions seulement).

Combien de temps passez-vous devant la télé ?
passez-vous devant la télé ? Sondage
du jourCher(e) *|FNAME|*,Nous avons le plaisir
de vous proposer de gagnerun écran

>> Je réponds au sondage en cliquant-ici << Enquêtes, sondages et jeux concours Gratuit sans obligation d'achat - Gagnant déterminé par tirage sous contrôle d'huissier. Le gagnant recevra 500€ en bons d'achat. Vous recevez ce message car vous êtes membre de Deals Are Us. Vous pouvez exercer votre droit d'accès et de suppression à tout moment en nous contactant à: info@d-areus.com, ou en nous écrivant à Deals Are Us - Avenida Diagonal, 440 7a - 08037 Barcelona. Suivez ce lien pour vous désabonner. Politique de confidentialité. Phishing analysis :

CLICK : Accédez a vos comptes
OPEN : http://www.travelwhistle.com/u/21299134/8be6439/NwTUiWMy82G1ydRSlI8twYsqNRejnTEcLMF3.html
NOTE : Phishing was removed.

Email analysis :

NOTE : _info@sfr.fr
NOTE : Received : from upcloud.com ([166.63.123.184])

NOTE : nchrf@sfr.fr
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : X-Mailer : PHPMailer [version 1.73]
NOTE : Mime-Version : 1.0