reply (Inheritance scam)

Based on our investigation of your payment, we want to find out if you're still alive or did you sign any deed of assignment with (Ms Grace Smith) to receive your contract /Inheritance payment worth of US$7.5M, reply to us with the following details, Your Name: ,Your Address ,Your Age/Sex,Your Mobile No: to email: imforangisation@gmail.com OR CALL +91-886 059 1944

Yours Sincerely,
Mr. Adrian Tobias
IMF Resident Representative
Tel:+91-886 059 1944

Email analysis :

NOTE : imforangisation@gmail.com
NOTE : albanizaluciano@agespisa.com.br
NOTE : Received : from mail.agespisa.com.br ([127.0.0.1])
NOTE : by localhost (mail.agespisa.com.br [127.0.0.1])
NOTE : Received : from mail.agespisa.com.br
NOTE : (mail.agespisa.com.br [172.20.1.72])
NOTE : Received : from mail.agespisa.com.br
NOTE : (mail.agespisa.com.br. [200.217.241.123])

Your PayPal account has been temporarily Locked! (PayPal Phishing)

paypal

Welcome

Dear *@*,

Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)

Activate

Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.

Yours sincerely,
PayPalYours sincerely,
PayPal

Email analysis :

NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])

Phishing analysis :

CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :

TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :

CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :

CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :

Antonin (Military Scam)

I am Sgt Antonin Andel, i have a project for you.

Email analysis :

NOTE : antonin.andel@outlook.fr
NOTE : postmaster@spamwall.quilmes.gov.ar
NOTE : designates 190.120.191.6 as permitted sender)
NOTE : client-ip=190.120.191.6;

NOTE : Received : from [192.168.0.100] (unknown [43.240.7.127])

Bonjour (Arnaque financement)

Bonjour,

Par respect, êtes-vous en besoin de financement ? Si oui, je vous expliquerai plus en détails dans mon prochain mail.

A vous lire,

Linette TROST

Email analysis :

NOTE : sperandeosnc@tin.it
NOTE : linette.trost@gmail.com
NOTE : X-Originating-Ip : 41.138.89.213:49283

NOTE : sperandeosnc@tin.it designates 212.216.176.195
NOTE : as permitted sender) client-ip=212.216.176.195;

Your response is highly appreciated!!

Hello ,

I am specifically contacting you in respect of a business proposal that I have for you as you appear very relevant in the proposal.

Please kindly reply back to me for further details.

Waiting to hear from you.

Regards,

Mr.Adams Salem

Email analysis :

NOTE : mradamssalem@mail.ru
NOTE : do.tapia@centrosur.gob.ec
NOTE : Received : from DESKTOP-THKGO5T.localdomain
NOTE : (unknown [169.159.126.174])

NOTE : by mail.iniciativa.cat (Postfix)

PRIVATE....

I am seeking your assistance in helping me receive a large amount of money and in giving a clear research and feasibility study on areas I could invest on. If you are interested then kindly send your feedback to this mailbox: mrmichealwuu14@yahoo.com.hk

Regards,
Micheal Wu

Email analysis :

NOTE : mrmichealwuu14@yahoo.com.hk
NOTE : drmartens.trinoma@cln.com.ph
NOTE : Received : from [74.208.131.168]
NOTE : (unknown [74.208.131.168])

NOTE : by mail.cln.com.ph (Postfix)