Thursday, January 19, 2017

Please verify your Apple ID. (Apple Phishing)

Dear Customer,

Your AppIe lD has been disabled for security reasons ! To confirm your informations please click on the link below or copy and paste it to your browser then follow the instructions.

https://www.medfuture.com.au/Verification-iTunes/

Once you have update your account records, your information will be confirmed and your account will start to work as normal once again. If you have any questions, or require further assistance, please contact us.

Best Regards,
The AppIe Support Team

Contact Us | Affilaite Program | 1 Infinite Loop, Cupertino, CA 95014

Privacy Policy | Terms of Service | Terms of Sale

Phishing screenshot :


Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : Return-Path :
NOTE : X-Priority : 1
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : Received : from server2.com ([180.210.203.65])
NOTE : Received : by server2.com (Postfix, from userid 48)
NOTE : Message-Id : < *@jobcom.sg >
NOTE : client-ip=180.210.203.65;
NOTE : Content-Transfer-Encoding : 8bit
NOTE : Please verify your Apple ID.

Phishing analysis :

CLICK : https://www.medfuture.com.au/Verification-iTunes/
OPEN : https://www.medfuture.com.au/Verification-iTunes/
REDIRECT : https://www.medfuture.com.au/Verification-iTunes/*/CheckAuth.php?caseID=*&accLocked_websc=*c&processing_unverified?true=*
SCREENSHOT :


VALIDATE : FORM
SCREENSHOT :


RESULT : Phishing

Whois analysis :

Domain Name : medfuture.com.au
Registrant : Thiruchenthoran Sarvanantharaja
Registrant ID : ABN 72260916560
Eligibility Type : Sole Trader
Registrant Contact Name : Niraj Chenthoran
Tech Contact ID : CR210807141
Tech Contact Name : Niraj Chenthoran
Name Server : ns1.medfuture.com.au
Name Server IP : 166.62.39.20
Name Server : ns2.medfuture.com.au

Monday, January 16, 2017

URGENT REPLY


Hello, Dear

I am Hasher Al Maktoum, Chairman of the Dubai International Holding Company.

I am seeking your partnership in going into a private investment venture. I am interested in investing in your country, so I will like us to begin our acquaintance through this medium so we can discuss more.

I hope to hear from you soon.

Regards
Hasher Al Maktoum
Reply Re

Email analysis :

NOTE : hasheralmaktoum22@gmail.com
NOTE : hasheralmaktoum7@outlook.com
NOTE : Received : from HK2PR0401MB1377.apcprd04.prod.outlook.com ([10.165.180.23])

Sunday, January 15, 2017

Compliment" Info From Benson

Compliment,

I am a politician representing my constituency at just concluded election in Ghana and also a member of Ghana's executive committee on contract awards. My Name is Mr. Benson Kwaku. The reason of relating to you is to aid me in securing some money oversea for protected custody which I deliberately reserved for funding of my parliamentary elections campaign under the party leadership of the National Democratic Congress (NDC) last year December 7th 2016, regrettably for me I lost the parliamentary seat to the opposition party of The New Patriotic Party (NPP).

As an executive member on contract award committee, I was able to dump some kickback money emanated from award of contracts awarded to Japanese and German companies in a security vault with a commercial bank in Ghana pending when I will found a reliable individual to budge out the fund from Ghana to offshore bank account for a company venture.

Contacting you arose from the fact that the present-elect government vowed to crack down on our administrative functionaries of (NDC) and will trace all the resources that was made through contract awards and other mouth watering deals during our tenure in the office from the year 2008 to 2016, if they succeed in tracing this fund to me, they will confiscate it and thereby devastating my life time opportunities.

It become paramount for me to move this fund in a foreigner's name to keep away from any trace. What I require from you is a promise that you can hold the total sum involved (US$19.5M) Nineteen Million, Five Hundred Thousand United State Dollars contentedly and that I can also have confidence you.

I want you to instantly inform me of your readiness in supporting and co-operating with me in receiving the above sum in your account, That will enable me send you complete details of this business deal.

Thanks
Benson Kwaku

Email analysis :

NOTE : benson.kwaku@poczta.onet.pl
NOTE : test@imamatjome.com
NOTE : Received : from User by mail.imamatjome.com (MDaemon PRO v14.5.2)

Friday, January 13, 2017

RE: Hello Friend

Hello Friend

I am representing an investment interest from Thailand interested in overseas investment involving large volume of funds, for which we seek your participation as an overseas representative to handle the investment. My client, who is a native of Thailand, has some money from his business savings he wants to invest under qualified foreign partnership. If you feel disposed towards the solicited role, please indicate by prompt response, so that I may provide you further details of the cooperation. Bear in mind however, that this is a legitimate transaction and I look forward to your prompt response to my private email below:

Regards, email: helpthaiinvest@hotmail.com

Email analysis :

NOTE : a*.s*@ext.uni.lu
NOTE : helpthaiinvest@hotmail.com
NOTE : Received : from hercules.uni.lu (hercules.uni.lu. [158.64.76.33])


NOTE : hercules.uni.lu
NOTE : www.uni.lu


NOTE : X-Originating-Ip : [10.34.0.8]

Arthur Wolfe

Sind Sie in irgendeiner Art von finanziellen Schwierigkeiten? Brauchen Sie ein Darlehen, um Ihre Schulden klar? Sind Sie ein Geschäftsmann oder eine Frau, die sein Geschäft ausweiten will? Wir bieten Darlehen aller Art an Einzelpersonen, Firmen und Kooperationsorganisationen, die einen Kredit mit einem niedrigen Zinssatz von 3% benötigen, kontaktieren Sie uns heute

Name des Bewerbers:
Benötigte Menge:
Land:
Telefon:
Darlehenslaufzeit:

Email analysis :

NOTE : arthurwolfeloans2@outlook.com
NOTE : soaring2@singnet.com.sg
NOTE : X-Client-Ip : IPv4[197.210.28.130]

Wednesday, January 11, 2017

Juan Basilio Tahay Aguilar

I am sorry i sent you this mail which came as unsolicited E-mail in your junk Folder, i just want to inform you that Mr Graham Nelson is currently offering 3% Loan to every one. if you are interested contact email: grahamloanfirm01@gmail.com

Fill And Return...

Name:
Country:
Mobile number:
Amount needed as loan:
Loan duration:
Age:
Sex:

ALL REPLIES SHOULD BE SENT TO THIS EMAIL : : grahamloanfirm01@gmail.com

Email analysis :

NOTE : grahamloanfirm01@gmail.com
NOTE : jtahay@mineduc.gob.gt
NOTE : Received : from mail03.mineduc.gob.gt (unknown [172.16.0.2])
NOTE : by mineducantispam.mineduc.gob.gt


NOTE : mineduc.gob.gt server was used to relay this scam.