Thursday, June 30, 2016

Good Day How are you doing.

Good Day,

My name is Miss Ayeisha Nafisa Muhammad a 22 years old girl from Syria, and my father is late Hafez Amin Muhammad who was killed on August 2015 by the Islamic State Terrorist.

I saw your email profile on Google search and I become interested to know you more. I will be very happy to know more about you because I have some thing very important to tell you.

Attachment here is my photo; please reply me so that we can know each other and exchange pleasantries and more photos

Regards
Ayeisha Nafisa Muhammad.

my photo1.jpg

File analysis :

File seems clean : my photo1.jpg
Transmission Reference : UXta1tuzNqKzviXdJnfx
IPTC Digest : b634d4e5e8b221057ad73dd3236c03a6

Instructions :

FBMD01000abf030000e6080000ab100000b6110000ed120000f11700000522000017230000882400001e26000063370000

Special Instructions :

%14%13%03%d3]4%d1%a6%df%d3}4%d3G%ba%d3%cd4%d3F%9b%d7M4%d3F%fa%d7]4%d3G%9d%d7m4%d3G%f5%d7%bd4%d3M9%dbm4%d3M{%db}4%d3O<%db%8d4%d3M^%db%ad4%d3N%b7%df%bd4%d3

Email analysis :

NOTE : ayeishanafisa@yahoo.com
NOTE : Return-Path : < ayeishanafisa@yahoo.com >
NOTE : Mime-Version : 1.0
NOTE : X-Yahoo-Newman-Property : ymail-3

Provision regarding the mobile line (Phishing Free)

Hello

CFR ( Centre Francais de Recouvrement )

Screenshot of the email :


Email analysis :

NOTE : infos@titowape.com
NOTE : Content-Type : text/html; charset=UTF-8
NOTE : Content-Type : application/xhtml+xml
NOTE : Content-Disposition : inline
NOTE : Return-Path : < prefet@paroles-musique.com >
NOTE : Content-Transfer-Encoding : base64
NOTE : Received : from paroles-musique.com ([104.36.17.205])
NOTE : Disposition à prסpos de la ligne mobile

Phishing analysis :

CLICK : Se connecter
OPEN : http://dakarp.com/jame*.asp
RESULT : Phishing was removed
RESULT : Phishing attempt...

Iazalde.Ludwig@alpestour.com has sent you a file via WeTransfer

Iazalde.Ludwig@alpestour.com
sent you some files
The updated agreement with RTS Consulting

Download

Files (6.24 MB total)
SageAccts 2016-06-29.zip
Will be deleted on
30 June, 2016

Get more out of WeTransfer, get Plus

About WeTransfer Contact Legal Powered by Amazon Web Services To make sure you can receive our emails, please add noreply@wetransfer.com to your trusted contacts

Link analysis :

CLICK : Download
OPEN : https://www.cubbyusercontent.com/pl/SageAccts+2016-06-29.zip/_24cfcb038b1b4223ae0b4d0cc41ecdbe
DOWNLOAD FILE : SageAccts 2016-06-29.zip

File analysis :

FILE : SageAccts 2016-06-29.zip
SHA256 : b50fe4e0b2bfa1e8157c306e7293fb9d097a91b99bf34621a3246211bb5368e2

FILE IS A TROJAN !!!

Avira (no cloud) : HEUR/Suspar.Gen
K7AntiVirus : Trojan ( 004dfe6d1 )
K7GW : Trojan ( 004dfe6d1 )
Kaspersky : HEUR:Trojan-Downloader.Script.Generic

Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0)
NOTE : Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Mime-Version : 1.0
NOTE : Message-Id : < *.*@alpestour.com >
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : 1.161.133.80;
NOTE : Iazalde.Ludwig@alpestour.com has sent you a file via WeTransfer

Kindly respond for more details

Am Captain Kelvin Ken Miller currently I need you assistant to move some funds out of Iraq

Email analysis :

NOTE : genjohnwnicholson@ighomail.com
NOTE : abruant@virgilio.it
NOTE : Received : from User (unknown [105.227.180.214])
NOTE : by neptune.exsilia.net (Postfix)

Wednesday, June 29, 2016

My Name is Sr. ADALBERTO CESÁRIO

My Name is Sr. ADALBERTO CESÁRIO

I am from Portugal I have been diagnosed with cancer. It has defiled all forms of medical treatment, and right now I have only about a few months to live, according to medical experts. I have not particularly lived my life so well, as I never really cared for anyone (not even myself) but my business. Though I am very rich, I was never generous, I was always hostile to People and only focused on my business as that was the only thing I cared for. But now I regret all this as I now know that there is more to life than just wanting to have or make all the money in the world. I believe when God gives me a second chance to come to this world I would live my life a different way from how I have lived it. I would want to have a Personal and Trustworthy Relationship with you, as I intend and willing to empower the change of ownership for the transfer of my Deposits to your personal possession for further Investment and Charity Disbursement to the Less Privilege and Homeless. This is my private email address adalcesario93@gmail.com,write to me urgently.

I will send you the photos of me and my very hopeless and selfish family members, including my wife, who I learnt is getting married to my personal friend and attorney,

Thank you for your due consideration. God be with you.

Yours Brother.

Sr. ADALBERTO CESÁRIO

Email analysis :

NOTE : adalcesario91@hotmail.com
NOTE : client-ip=65.55.90.91;
NOTE : sender IP is 25.152.2.59


NOTE : Thread-Topic : My Name is Sr. ADALBERTO CESÁRIO
NOTE : Content-Language : en-US
NOTE : Mime-Version : 1.0
NOTE : X-Ms-Has-Attach :

Catering

Hello my name is Charles i will like to know if you do catering service and can i know if you are the owner or manager, what is your name and do you accept credit card ?

Email analysis :

NOTE : ccarson5524@gmail.com
NOTE : claudesq@outlook.com
NOTE : kcarson0007@gmail.com